Secure communication in mobile digital pages

ABSTRACT

Secure communication in mobile digital pages is provided. The system receives an electronic document and validates the electronic document for storage in a cache server. The system receives a request for the electronic document and provides it to a viewer component on a client computing device. The viewer component loads the electronic document in an iframe. The viewer component executes a runtime component to receive, via a secure communication channel, a tag from the electronic document. The system receives the tag and selects a data value for transmission to the viewer component. The viewer components provides the data value to cause the runtime component to execute an action with the data value.

CROSS-REFERENCES TO RELATED APPLICATIONS

This application is a U.S. National Stage under 35 U.S.C. § 371 ofInternational Patent Application No. PCT/US2019/030811, filed on May 6,2019 and designating the United States, which is hereby incorporated byreference herein in its entirety.

BACKGROUND

Applications can be installed on a computing device. The computingdevice can execute the application. The application can present digitalcontent.

SUMMARY

At least one aspect is directed to a system for secure communication inmobile digital pages, electronic documents or other electronicresources. The system can include a data processing system having one ormore processors and memory. The data processing system can include orexecute a validation component. The validation component can receive,from a third party developer device, an electronic document configuredto interface with a runtime application programming interface. Thevalidation component can validate the electronic document based on avalidation policy. The validation component can store, responsive tovalidation of the electronic document, the electronic document on acache server of the data processing system. The cache server canreceive, from a viewer component executed by a client computing device,a request to access the electronic document. The cache server canprovide, responsive to the request, the electronic document to theviewer component to cause the viewer component to perform one or moreaction or functions. The viewer component can load, in an iframe, theelectronic document for display via the client computing device. Theviewer component can execute, in the electronic document, a runtimecomponent to identify a tag coded with a markup language in theelectronic document. The viewer component can receive, from the runtimecomponent via a secure communication channel, an indication of the tag.The data processing system can receive, from the viewer component, theindication of the tag. The data processing system can select, based onthe indication of the tag, a data value. The data processing system cantransmit, to the viewer component executed by the client computingdevice. The data value to cause the viewer component to perform one ormore actions or function. The viewer component can generate a promptcomprising the data value. The viewer component can receive, responsiveto the prompt, input from the client computing device. The viewercomponent can provide, via the secure communication channel andresponsive to the input, the data value to the runtime component tocause the runtime component to execute an action with the data value viathe electronic document. The secure communication channel can be privateas it may not include the third-party developer.

The data processing system can parse the electronic document responsiveto receipt of the electronic document from the third party developerdevice. The data processing system can determine, based on parsing theelectronic document, that JavaScript is absent from the electronicdocument. The data processing system can validate, responsive to thedetermination that JavaScript is absent from the electronic document,the electronic document for storage in the cache server of the dataprocessing system.

The data processing system can receive a second electronic document. Thedata processing system can detect a presence of JavaScript in the secondelectronic document responsive to receipt of the second electronicdocument. The data processing system can determine, responsive todetection of the presence of the JavaScript in the second electronicdocument, not to validate the second electronic document and remove thesecond electronic document from storage in the cache server.

The data processing system can identify the markup language in theelectronic document responsive to receipt of the electronic documentfrom the third party developer device. The data processing system candetermine, based on a format of the markup language, that the electronicdocument is valid for secure communication in mobile digital pages. Thedata processing system can store, in the cache server, the electronicdocument responsive to validation of the electronic document for securecommunication in mobile digital pages.

The cache server can include a proxy server for a server of the thirdparty developer device that provided the electronic document. The cacheserver can intercept a request to access the electronic document. Thecache server can perform a lookup in storage of the cache server todetermine that the electronic document has been validated and stored inthe cache server. The cache server can retrieve, from storage in thecache server, the electronic document instead of accessing a server ofthe third party developer device that provided the electronic document.The cache server can transmit, from storage of the cache server, theelectronic document to the viewer component executed by the clientcomputing device.

The data processing system can receive, from the viewer componentinterfacing with the runtime component via the secure communicationchannel, the indication of the tag. The data processing system canretrieve, responsive to the tag, the data value from an accountassociated with the client computing device stored on the dataprocessing system. The data processing system can provide, to the viewercomponent, the data value to cause the viewer component to generate theprompt including the data value.

The data processing system can identify the data value responsive toreceipt of the indication of the tag from the viewer component, the datavalue associated with the client computing device and stored on the dataprocessing system. The data processing system can provide the data valueto the viewer component to cause the viewer component to display, in anoverlay, the prompt generated to include the data value.

The data processing system can identify a plurality of candidate datavalues responsive to receipt of the indication of the tag from theviewer component. The data processing system can provide the pluralityof candidate data values for display in the prompt, wherein the promptrestricts access by the electronic document to at least one of theplurality of candidate data values. The viewer component can blockaccess to the data value by the electronic document prior to the inputfrom the client computing device.

The data processing system can search one or more electronic datasources associated with the client computing device to identify the datavalue responsive to the indication of the tag. The input can include aninstruction from the client computing device to grant the electronicdocument access to the data value provided by the data processing systemresponsive to the indication of the tag. The action can include anelectronic transaction using the data value.

At least one aspect is directed to a method of secure communication inmobile digital pages. The method can be performed by a data processingsystem having a processor and memory. The method can include the dataprocessing system receiving, from a third party developer device, anelectronic document configured to interface with a runtime applicationprogramming interface. The method can include the data processing systemvalidating the electronic document based on a validation policy. Themethod can include the data processing system storing, responsive tovalidation of the electronic document, the electronic document on acache server of the data processing system. The method can include acache server receiving, from a viewer component executed by a clientcomputing device, a request to access the electronic document. Themethod can include the cache server providing, responsive to therequest, the electronic document to cause the viewer component to: load,in an iframe, the electronic document for display via the clientcomputing device; execute, in the electronic document, a runtimecomponent to identify a tag coded with a markup language in theelectronic document; and receive, from the runtime component via asecure communication channel, an indication of the tag. The method caninclude the data processing system receiving, from the viewer component,the indication of the tag. The method can include the data processingsystem selecting, based on the indication of the tag, a data value. Themethod can include the data processing system transmitting, to theviewer component executed by the client computing device, the data valueto cause the viewer component to: generate a prompt comprising the datavalue; receive, responsive to the prompt, input from the clientcomputing device; and provide, via the secure communication channel andresponsive to the input, the data value to the runtime component tocause the runtime component to execute an action with the data value viathe electronic document.

At least one aspect is directed to a computer program product that, whenimplemented on a data processing system, is configured to cause the dataprocessing system to perform the method of secure communications inmobile digital pages.

The individual features and/or combinations of features defined above inaccordance with any aspect of this disclosure or below in relation toany specific embodiment of the disclosure may be utilized, eitherseparately and individually, alone or in combination with any otherdefined feature, in any other aspect or embodiment of the disclosure.

Furthermore, the this disclosure is intended to cover apparatusconfigured to perform any feature described herein in relation to amethod and/or a method of using or producing, using or manufacturing anyapparatus feature described herein.

These and other aspects and implementations are discussed in detailbelow. The foregoing information and the following detailed descriptioninclude illustrative examples of various aspects and implementations,and provide an overview or framework for understanding the nature andcharacter of the claimed aspects and implementations. The drawingsprovide illustration and a further understanding of the various aspectsand implementations, and are incorporated in and constitute a part ofthis specification.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings are not intended to be drawn to scale. Likereference numbers and designations in the various drawings indicate likeelements. For purposes of clarity, not every component may be labeled inevery drawing. In the drawings:

FIG. 1 is an illustration of an example system for secure communicationin mobile digital pages;

FIG. 2 is an illustration of an example operation of a system for securecommunication in mobile digital pages;

FIG. 3 is an illustration of an example method for secure communicationin mobile digital pages; and

FIG. 4 is a block diagram illustrating a general architecture for acomputer system that can be employed to implement elements of thesystems and methods described and illustrated herein, including, forexample, the systems depicted in FIGS. 1 and 2, and the method depictedin FIG. 3.

DETAILED DESCRIPTION

Following below are more detailed descriptions of various conceptsrelated to, and implementations of, methods, apparatuses, and systemsfor secure communication in mobile digital pages. The various conceptsintroduced above and discussed in greater detail below may beimplemented in any of numerous ways.

This disclosure is generally directed to providing secure communicationin mobile digital pages, electronic documents or electronic resources.The secure communication can allow data transfer between a mobiledigital page and a server and can, for example, allow for input to beprovided to the mobile digital page so as to provide improved userinput. Electronic resources can refer to a web page or other onlinedocument or electronic document that can be rendered or otherwisepresented on a computing device. A mobile digital page can refer to anelectronic resource such as a web page designed, constructed orconfigured for display on a mobile computing device or mobile operatingsystem, such as a smartphone, tablet device, smartwatch, smarttelevision, smart speaker or other computing device. A mobile digitalpage can include, use or be associated with one or more components, suchas hypertext markup language (“HTML”) with web components, a script(e.g., JavaScript) to manage resource loading, and a cache to serve andvalidate the mobile page. A web component can refer to a set of featuresthat provide a standard component model for the internet that allows forencapsulation and interoperability of individual HTML elements. Themobile digital page can be developed and provided by a third-partydeveloper.

A client computing device can render the mobile digital page. The mobiledigital page can include input fields or provide prompts for input. Theinput can be provided by a user of the mobile digital page. The inputcan include information associated with the user, such as a username,password, account information, electronic transaction information, orpreference information. However, the user may not have access to thedata to be provided for input to the mobile device. Further, the clientcomputing device may have a limited user interface or input capabilitiesto receive input from a user. The mobile digital page may not have theability to provide a suggestion for the input. The mobile digital pagemay operate in a sandboxed or restricted computing environment in whichthe mobile digital page is prevented from accessing parts of memory onthe client computing device, or a server containing account information.As mobile digital pages are increasingly accessed or rendered on clientcomputing devices, and third party developers increasingly request inputdata values to execute actions or perform services, it can bechallenging to provide such input for mobile digital pages whilemaintaining a secure communication channel due to the limited inputinterfaces on mobile devices, inefficiencies associated with providinginput via the limited input interfaces, or the inability to readilyaccess the input information.

The technical solution of this disclosure is directed to providing asecure communication in mobile web pages that allows for a secure dataexchange between account information and an electronic resource, such asthe mobile web page. The technical solution can provide capabilitiessuch as identification, electronic transaction processing,customization, or contextual information to third party mobile pages orelectronic documents to improve the processing flow while maintainingsecurity throughout the system. The secure communication can be securebecause the data provided via the secure communication cannot beaccessed by the third party developer, thereby improving security andprivacy. Thus, the third party developer cannot gain access to thesecure communication channel.

Systems and methods of this technical solution include a runtimecomponent, a cache server, and a viewer component. Third partydevelopers can use the system to build electronic documents based on anapplication programming interface associated with the runtime component.The cache server can store the electronic document developed by thethird party developer. When the document is requested for display on aclient computing device, the viewer component can execute on the clientcomputing device to load the electronic document from cache of the cacheserver. The viewer component can host the runtime which can be used toobtain identification information, trigger electronic transactionprocessing, and autofill data values approved by the user. The cacheserver can provide validation of the third party document contents forsafe usage and caching or e-hosting for performance benefits. The viewercomponent can receive or obtain account data from external sources(e.g., identity data, transaction account info, or other contextualpersonalization data. The viewer component can provide an overlay userinterface to allow the user to select/manipulate information and grantusage of the info to the third party electronic document. The viewercomponent can accept data from the third party electronic document(e.g., via the runtime API) to be saved back to the account information.The viewer component can orchestrate the loading of third partyelectronic documents. The viewer component and the runtime can beisolated from each other and communicate over a secure communicationchannel, thereby restricting or controlling any data exchange from thethird party document. The runtime can provide data to the third partydocument upon approval.

The developer can use a markup language to encode tags within thirdparty documents. The tags can indicate contextual information about theweb page. The runtime component can parse the tags to determine thecontextual information, and forward the contextual information to theviewer component for forwarding to a data processing system or externalsources. Based on the tags, the data processing system can accessaccount information to provide data values. Thus, systems and methods ofthis technical solution can securely provide data values for efficientinput into mobile pages rendered by computing devices with limited inputor output interfaces. The data values may be associated with a user andmay be provided as input by the user and stored for subsequent inputinto the mobile pages. The subsequent input into the mobile pages may beautomatic or may be in a manner that assists the user in providing theinput. A mechanism enabling user input that provides a shortcut for auser to input stored data may therefore be provided. The secureprovision of such data values can reduce processor, memory or batteryconsumption of the computing device by reducing the amount of delaycaused by inputting data values or launching additional applications onthe computing device to obtain the data values.

FIG. 1 illustrates an example system 100 for secure communication inmobile digital pages. The system 100 can include content selectioninfrastructure. The system 100 can include application deliveryinfrastructure. The system 100 can include an online application storeor marketplace. The system 100 can include a data processing system 102.The data processing system 102 can communicate with one or more of anthird-party (“3P) developer device 150 (or application developer device)or a client computing device 126 (or client device or computing device)via network 101. The system 100 can also communicate with other devices,such as third-party devices, content provider devices, or digitalsurface devices.

The network 101 can include computer networks such as the Internet,local, wide, metro, or other area networks, intranets, satellitenetworks, and other communication networks such as voice or data mobiletelephone networks. The network 101 can be used to access informationresources such as web pages, web sites, domain names, or uniformresource locators that can be presented, output, rendered, or displayedon at least one client computing device 126, such as a laptop, desktop,tablet, digital assistant device, smart phone, wearable device, portablecomputers, or speaker. For example, via the network 101 a user of theclient computing device 126 can access information or data provided bythe data processing system 102 or 3P developer device 150.

The network 101 can include or constitute a display network, e.g., asubset of information resources available on the internet that areassociated with a content placement or search engine results system, orthat are eligible to include third party digital components as part of adigital component placement campaign. The network 101 can be used by thedata processing system 102 to access information resources such as webpages, web sites, domain names, or uniform resource locators that can bepresented, output, rendered, or displayed by the client computing device126. For example, via the network 101 a user of the client computingdevice 126 can access information or data provided by the dataprocessing system 102 or the 3P developer device 150.

The network 101 may be any type or form of network and may include anyof the following: a point-to-point network, a broadcast network, a widearea network, a local area network, a telecommunications network, a datacommunication network, a computer network, an ATM (Asynchronous TransferMode) network, a SONET (Synchronous Optical Network) network, a SDH(Synchronous Digital Hierarchy) network, a wireless network and awireline network. The network 101 may include a wireless link, such asan infrared channel or satellite band. The topology of the network 101may include a bus, star, or ring network topology. The network mayinclude mobile telephone networks using any protocol or protocols usedto communicate among mobile devices, including advanced mobile phoneprotocol (“AMPS”), time division multiple access (“TDMA”), code-divisionmultiple access (“CDMA”), global system for mobile communication(“GSM”), general packet radio services (“GPRS”) or universal mobiletelecommunications system (“UMTS”). Different types of data may betransmitted via different protocols, or the same types of data may betransmitted via different protocols.

The system 100 can include at least one data processing system 102. Thedata processing system 102 can include at least one logic device such asa computing device having a processor to communicate via the network101, for example with the client computing device 126 or the 3Pdeveloper device 150 or other networked device or third-party device.The data processing system 102 can include at least one computationresource, server, processor or memory. For example, the data processingsystem 102 can include a plurality of computation resources or serverslocated in at least one data center. The data processing system 102 caninclude multiple, logically-grouped servers and facilitate distributedcomputing techniques. The logical group of servers may be referred to asa data center, server farm or a machine farm. The servers can also begeographically dispersed. A data center or machine farm may beadministered as a single entity, or the machine farm can include aplurality of machine farms. The servers within each machine farm can beheterogeneous—one or more of the servers or machines can operateaccording to one or more type of operating system platform.

Servers in the machine farm can be stored in high-density rack systems,along with associated storage systems, and located in an enterprise datacenter. For example, consolidating the servers in this way may improvesystem manageability, data security, the physical security of thesystem, and system performance by locating servers and high performancestorage systems on localized high performance networks. Centralizationof all or some of the data processing system 102 components, includingservers and storage systems, and coupling them with advanced systemmanagement tools allows more efficient use of server resources, whichsaves power and processing requirements and reduces bandwidth usage.

The system 100 can include, access, or otherwise interact with at leastone 3P developer device 150. The 3P developer device 150 can include atleast one logic device such as a computing device having a processor tocommunicate via the network 101, for example with the client computingdevice 126, or the data processing system 102. The 3P developer device150 can include at least one computation resource, server, processor ormemory. For example, 3P developer device 150 can include a plurality ofcomputation resources or servers located in at least one data center.

The 3P developer device 150 can provide audio based digital componentsfor presentation or display by the client computing device 126 as anaudio output digital component. The digital component can include anoffer for a good or service, such as a voice based message that states:“Would you like me to order you a taxi?” For example, the 3P developerdevice 150 can include memory to store a series of audio digitalcomponents that can be provided in response to a voice based query. The3P developer device 150 can also provide audio based digital components(or other digital components) to the data processing system 102 wherethey can be stored in the data repository 118. The data processingsystem 102 can select the audio digital components and provide (orinstruct the 3P developer device 150 to provide) the audio digitalcomponents to the client computing device 126. The audio based digitalcomponents can be exclusively audio or can be combined with text, image,or video data.

The 3P developer device 150 can include, interface with, or otherwisecommunicate with the data processing system 102. The 3P developer device150 can include, interface, or otherwise communicate with the clientcomputing device 126. The 3P developer device 150 can include,interface, or otherwise communicate with the client computing device126, which can be a mobile computing device. The 3P developer device 150can include, interface, or otherwise communicate with the 3P developerdevice 150. For example, the 3P developer device 150 can provide adigital component to the client computing device 126 for execution bythe client computing device 126. The 3P developer device 150 can providethe digital component to the data processing system 102 for storage bythe data processing system 102. The 3P developer device 150 can providerules or parameters relating to the digital component to the dataprocessing system 102.

The client computing device 126 can download an electronic document orapplication developed by the 3P developer device 150. The clientcomputing device 126 can download the application or electronic documentfrom the data processing system 102 via the network 101. The clientcomputing device 126 can load the electronic document. The clientcomputing device 126 can execute the application. The client computingdevice 126 can execute, launch, trigger or otherwise access or use theapplication responsive to a user input or trigger event or condition.The application can include a front-end component and a back-endcomponent. The client computing device 126 can execute or provide thefront-end component of the application, while the data processing system102 or 3P developer device 150 provides a back-end component of theapplication. The application can include, for example, a viewercomponent 128.

The client computing device 126 can include, interface, or otherwisecommunicate with at least one sensor 152, transducer 154, audio driver156, or pre-processor 158. The client computing device 126 can include adisplay device 160, such as a light indicator, light emitting diode(“LED”), organic light emitting diode (“OLED”), or other visualindicator configured to provide a visual or optic output. The sensor 152can include, for example, an ambient light sensor, proximity sensor,temperature sensor, accelerometer, gyroscope, motion detector, GPSsensor, location sensor, microphone, or touch sensor. The transducer 154can include a speaker or a microphone. The audio driver 156 can providea software interface to the hardware transducer 154. The audio drivercan execute the audio file or other instructions provided by the dataprocessing system 102 to control the transducer 154 to generate acorresponding acoustic wave or sound wave. The pre-processor 158 caninclude a processing unit having hardware configured to detect a keywordand perform an action based on the keyword. The pre-processor 158 canfilter out one or more terms or modify the terms prior to transmittingthe terms to the data processing system 102 for further processing. Thepre-processor 158 can convert the analog audio signals detected by themicrophone into a digital audio signal, and transmit one or more datapackets carrying the digital audio signal to the data processing system102 via the network 101. In some cases, the pre-processor 158 cantransmit data packets carrying some or all of the input audio signalresponsive to detecting an instruction to perform such transmission. Theinstruction can include, for example, a trigger keyword or other keywordor approval to transmit data packets comprising the input audio signalto the data processing system 102.

The client computing device 126 can be associated with an end user thatenters voice queries as audio input into the client computing device 126(via the sensor 152) and receives audio output in the form of a computergenerated voice that can be provided from the data processing system 102(or the 3P developer device 150 or the 3P developer device 150) to theclient computing device 126, output from the transducer 154 (e.g., aspeaker). The computer generated voice can include recordings from areal person or computer generated language.

The client computing device 126 (or computing device, or client device,or digital device) may or may not include a display. For example, thecomputing device may include limited types of user interfaces, such as amicrophone and speaker. In some cases, the primary user interface of theclient computing device 126 may be a microphone and speaker, or voiceinterface. For example, the primary user interface of the clientcomputing device 126 can include a voice-based or audio-based userinterface. The client computing device 126 can include a display andhave the primary user interface be voice-based or audio-based. Theprimary user interface of the client computing device 126 can beconversational. A conversational user interface can refer to a userinterface that is at least in part driven or facilitated by a naturallanguage processor component 106 of the data processing system 102.

The data processing system 102 can include a content placement systemhaving at least one computation resource or server. The data processingsystem 102 can include, interface, or otherwise communicate with atleast one interface 104. The data processing system 102 can include,interface, or otherwise communicate with at least one natural languageprocessor component 106. The data processing system 102 can include,interface, or otherwise communicate with at least one direct actionapplication programming interface (“API”) 108. The interface 104,natural language processing component 106 and direct action API 108 canprovide a conversational API or digital assistant functionality. Theconversational API or digital assistant can communicate or interfacewith one or more voice-based interfaces or various digital assistantdevices or surfaces in order to provide data or receive data or performother functionality.

The data processing system 102 can include, interface, or otherwisecommunicate with at least one validation component 110. The dataprocessing system 102 can include, interface, or otherwise communicatewith at least one data value generator component 112. The dataprocessing system 102 can include, interface, or otherwise communicatewith at least one cache server 114. The data processing system 102 caninclude, interface, or otherwise communicate with at least one datarepository 118.

The interface 104, natural language processor component 106, directaction API 108, validation component 110, data value generator component112, and cache server 114 can each include at least one processing unitor other logic device such as programmable logic array engine, or moduleconfigured to communicate with the data repository 118 or database. Theinterface 104, natural language processor component 106, direct actionAPI 108, validation component 110, data value generator 112, cacheserver 114 and data repository 118 can be separate components, a singlecomponent, or part of the data processing system 102. The system 100 andits components, such as a data processing system 102, can includehardware elements, such as one or more processors, logic devices, orcircuits.

The data processing system 102 can obtain anonymous computer networkactivity information associated with a plurality of client computingdevices 126 (or computing device or digital assistant device). A user ofa client computing device 126 or mobile computing device canaffirmatively authorize the data processing system 102 to obtain networkactivity information corresponding to the client computing device 126 ormobile computing device. For example, the data processing system 102 canprompt the user of the client computing device 126 for consent to obtainone or more types of network activity information. The client computingdevice 126 can include a mobile computing device, such as a smartphone,tablet, smartwatch, or wearable device. The identity of the user of theclient computing device 126 can remain anonymous and the clientcomputing device 126 can be associated with a unique identifier (e.g., aunique identifier for the user or the computing device provided by thedata processing system 102 or a user of the client computing device126). The data processing system 102 can associate each observation witha corresponding unique identifier.

The data processing system 102 can interface with a 3P developer device150. The 3P developer device 150 can include or refer to a device of acontent provider. The content provider can establish an electroniccontent campaign. The electronic content campaign can be stored ascontent data in the data repository 118. An electronic content campaigncan refer to one or more content groups that correspond to a commontheme. A content campaign can include a hierarchical data structure thatincludes content groups, digital component data objects, and contentselection criteria. To create a content campaign, the content providercan specify values for campaign level parameters of the contentcampaign. The campaign level parameters can include, for example, acampaign name, a preferred content network for placing digital componentobjects, a value of resources to be used for the content campaign, startand end dates for the content campaign, a duration for the contentcampaign, a schedule for digital component object placements, language,geographical locations, type of computing devices on which to providedigital component objects. In some cases, an impression can refer towhen a digital component object is fetched from its source (e.g., dataprocessing system 102 or content provider), and is countable. In somecases, due to the possibility of click fraud, robotic activity can befiltered and excluded, as an impression. Thus, in some cases, animpression can refer to a measurement of responses from a Web server toa page request from a browser, which is filtered from robotic activityand error codes, and is recorded at a point as close as possible toopportunity to render the digital component object for display on theclient computing device 126. In some cases, an impression can refer to aviewable or audible impression; e.g., the digital component object is atleast partially (e.g., 20%, 30%, 30%, 40%, 50%, 60%, 70%, or more)viewable on a display device 160 of the client computing device 126, oraudible via a speaker of the client computing device 126. A click orselection can refer to a user interaction with the digital componentobject, such as a voice response to an audible impression, amouse-click, touch interaction, gesture, shake, audio interaction, orkeyboard click. A conversion can refer to a user taking a desired actionwith respect to the digital component objection; e.g., purchasing aproduct or service, completing a survey, visiting a physical storecorresponding to the digital component, or completing an electronictransaction.

The content provider can further establish one or more content groupsfor a content campaign. A content group includes one or more digitalcomponent objects and corresponding content selection criteria, such askeywords, words, terms, phrases, geographic locations, type of computingdevice, time of day, interest, topic, or vertical. Content groups underthe same content campaign can share the same campaign level parameters,but may have tailored specifications for particular content group levelparameters, such as keywords, negative keywords (e.g., that blockplacement of the digital component in the presence of the negativekeyword on main content), bids for keywords, or parameters associatedwith the bid or content campaign.

To create a new content group, the content provider can provide valuesfor the content group level parameters of the content group. The contentgroup level parameters include, for example, a content group name orcontent group theme, and bids for different content placementopportunities (e.g., automatic placement or managed placement) oroutcomes (e.g., clicks, impressions, or conversions). A content groupname or content group theme can be one or more terms that the contentprovider can use to capture a topic or subject matter for which digitalcomponent objects of the content group is to be selected for display.For example, a car dealership can create a different content group foreach brand of vehicle it carries, and may further create a differentcontent group for each model of vehicle it carries. Examples of thecontent group themes that the car dealership can use include, forexample, “Make A sports car” “Make B sports car,” “Make C sedan,” “MakeC truck,” “Make C hybrid,” or “Make D hybrid.” An example contentcampaign theme can be “hybrid” and include content groups for both “MakeC hybrid” and “Make D hybrid”, for example.

The content provider can provide one or more keywords and digitalcomponent objects to each content group. Keywords can include terms thatare relevant to the product or services of associated with or identifiedby the digital component objects. A keyword can include one or moreterms or phrases. For example, the car dealership can include “sportscar,” “V-6 engine,” “four-wheel drive,” “fuel efficiency,” as keywordsfor a content group or content campaign. In some cases, negativekeywords can be specified by the content provider to avoid, prevent,block, or disable content placement on certain terms or keywords. Thecontent provider can specify a type of matching, such as exact match,phrase match, or broad match, used to select digital component objects.

The content provider can provide one or more keywords to be used by thedata processing system 102 to select a digital component object providedby the content provider. The content provider can identify one or morekeywords to bid on, and further provide bid amounts for variouskeywords. The content provider can provide additional content selectioncriteria to be used by the data processing system 102 to select digitalcomponent objects. Multiple content providers can bid on the same ordifferent keywords, and the data processing system 102 can run a contentselection process or ad auction responsive to receiving an indication ofa keyword of an electronic message.

The content provider can provide one or more digital component objectsfor selection by the data processing system 102. The data processingsystem 102 can select the digital component objects when a contentplacement opportunity becomes available that matches the resourceallocation, content schedule, maximum bids, keywords, and otherselection criteria specified for the content group. Different types ofdigital component objects can be included in a content group, such as avoice digital component, audio digital component, a text digitalcomponent, an image digital component, video digital component,multimedia digital component, or digital component link. A digitalcomponent object (or digital component) can include, for example, acontent item, an online document, audio, images, video, multimediacontent, or sponsored content. Upon selecting a digital component, thedata processing system 102 can transmit the digital component object forrendering on a computing device 126 or display device 160 of the clientcomputing device 126. Rendering can include displaying the digitalcomponent on a display device, or playing the digital component via aspeaker of the client computing device 126. The data processing system102 can provide instructions to a computing device 126 to render thedigital component object. The data processing system 102 can instructthe client computing device 126, or an audio driver 156 of the clientcomputing device 126, to generate audio signals or acoustic waves.

The data repository 118 can include one or more local or distributeddatabases, and can include a database management system. The datarepository 118 can include computer data storage or memory and can storeone or more of validation policies 120, account information 122 and datavalues 124, among other data. The data repository 118 can store the oneor more of validation policies 120, account information 122 and datavalues 124 in one or more data structures, databases, data files,indexes, or other type of data storage.

The data repository 118 can store a validation policy 120 in a datafile, data structure, or other storage format. The validation policy 120can include one or more rules, policies, logic, thresholds, comparisons,or functions used by at least the validation component 110 to validate athird-party (“3P”) document provided by the 3P developer device 150.Upon validation of the 3P document by the validation component 110 usinga validation policy 120, the data processing system 102 can store the 3Pdocument in the cache server 114. An example of a validation policy 120can include determining whether the 3P document includes a scriptinglanguage, such as JavaScript, and rejecting the 3P document responsiveto determining that the 3P document includes JavaScript. Another exampleof a validation policy can include determining the format of a markuplanguage used to provide tags in the 3P document, and approving the 3Pdocument the format matches a predetermined format indicated in thevalidation policy 120.

The data repository 118 can store one or more accounts 122. Accounts 122can include account information. An account 122 can be associated withor for a user of a computing device 126. The account 122 can include,store, or otherwise indicate or provide information or data values 124associated with a user of the client computing device 126. The user ofthe client computing device 126 can establish the account 122 with thedata processing system 102. The account 122 can include any electronicor digital account. The account 122 can include profile information,historical information, or other data values 124 associated with theuser of the client computing device 126. The account 122 can includeinformation previously provided by the client computing device 126 tothe data processing system 102. Data values 124 can include, forexample, information an electronic account information, identifiers,address information, or preferences. The data values 124 can includeinformation associated with a user that can be used to facilitate atransaction flow on a 3P document 132, or information that can be inputinto an input form or text box in a 3P document 132.

The data processing system 102 can include an interface 104 (orinterface component) designed, configured, constructed, or operationalto receive and transmit information using, for example, data packets.The interface 104 can receive and transmit information using one or moreprotocols, such as a network protocol. The interface 104 can include ahardware interface, software interface, wired interface, or wirelessinterface. The interface 104 can facilitate translating or formattingdata from one format to another format. For example, the interface 104can include an application programming interface that includesdefinitions for communicating between various components, such assoftware components. The interface 104 can communicate with one or moreof the client computing device 126, or 3P developer device 150 vianetwork 101.

The data processing system 102 can interface with an application, scriptor program installed at the client computing device 126, such as an appto communicate input audio signals to the interface 104 of the dataprocessing system 102 and to drive components of the local clientcomputing device to render output audio signals. The data processingsystem 102 can receive data packets or other signal that includes oridentifies an audio input signal. The interface 104 can interface orcommunicate with one or more components of the client computing device126. The interface 104 can communicate with, for example, a viewercomponent 128 executed by the client computing device 126, or a dataexchange component 146 of the client computing device 126, a loadingorchestrator component 144 executed by the client computing device 126,or an overlay component 148 of the client computing device 126.

The data processing system 102 can include a natural language processor(“NLP”) component 106. For example, the data processing system 102 canexecute or run the NLP component 106 to receive or obtain the audiosignal and parse the audio signal. For example, the NLP component 106can provide for interactions between a human and a computer. The NLPcomponent 106 can be configured with techniques for understandingnatural language and allowing the data processing system 102 to derivemeaning from human or natural language input. The NLP component 106 caninclude or be configured with techniques based on machine learning, suchas statistical machine learning. The NLP component 106 can utilizedecision trees, statistical models, or probabilistic models to parse theinput audio signal. The NLP component 106 can perform, for example,functions such as named entity recognition (e.g., given a stream oftext, determine which items in the text map to proper names, such aspeople or places, and what the type of each such name is, such asperson, location, or organization), natural language generation (e.g.,convert information from computer databases or semantic intents intounderstandable human language), natural language understanding (e.g.,convert text into more formal representations such as first-order logicstructures that a computer module can manipulate), machine translation(e.g., automatically translate text from one human language to another),morphological segmentation (e.g., separating words into individualmorphemes and identify the class of the morphemes, which can bechallenging based on the complexity of the morphology or structure ofthe words of the language being considered), question answering (e.g.,determining an answer to a human-language question, which can bespecific or open-ended), semantic processing (e.g., processing that canoccur after identifying a word and encoding its meaning in order torelate the identified word to other words with similar meanings).

The NLP component 106 can convert the audio input signal into recognizedtext by comparing the input signal against a stored, representative setof audio waveforms (e.g., in the data repository 118) and choosing theclosest matches. The set of audio waveforms can be stored in datarepository 118 or other database accessible to the data processingsystem 102. The representative waveforms are generated across a largeset of users, and then may be augmented with speech samples from theuser. After the audio signal is converted into recognized text, the NLPcomponent 106 matches the text to words that are associated, for examplevia training across users or through manual specification, with actionsthat the data processing system 102 can serve. Aspects or functionalityof the NLP component 106 can be performed by the data processing system102 or the client computing device 126. For example, a local NLPcomponent can execute on the client computing device 126 to performaspects of converting the input audio signal to text and transmittingthe text via data packets to the data processing system 102 for furthernatural language processing.

The audio input signal can be detected by the sensor 152 or transducer154 (e.g., a microphone) of the client computing device 126. Via thetransducer 154, the audio driver 156, or other components the clientcomputing device 126 can provide the audio input signal to the dataprocessing system 102 (e.g., via the network 101) where it can bereceived (e.g., by the interface 104) and provided to the NLP component106 or stored in the data repository 118. The audio input signaldetected by the sensor 152 can include an initial keyword, hotword, ortrigger word that indicates to the client computing device 126 that theinput audio signal is to be transmitted to the data processing system102.

The client computing device 126 can include an audio driver 156, atransducer 154, a sensor 152 and a pre-processor component 158. Thesensor 152 can receive or detect an input audio signal (e.g., voiceinput). The pre-processor component 158 can be coupled to the audiodriver, the transducer, and the sensor. The pre-processor component 158can identify an initial keyword, hotword, trigger keyword or othersymbol in the input audio signal that indicates that the input audiosignal is to be transmitted to the data processing system 102 forprocessing by the NLP component 106. The pre-processor component 158 canfilter the input audio signal to create a filtered input audio signal(e.g., by removing certain frequencies or suppressing noise, or removingthe initial keyword or hotword). The pre-processor component 158 canconvert the filtered input audio signal to data packets (e.g., using asoftware or hardware digital-to-analog converter). In some cases, thepre-processor component 158 can convert the unfiltered input audiosignal to data packets and transmit the data packets to the dataprocessing system 102. The pre-processor component 158 can transmit thedata packets to a data processing system 102 comprising one or moreprocessors and memory that execute a natural language processorcomponent, an interface, a speaker recognition component, and a directaction application programming interface.

The data processing system 102 can receive, via the interface, from thepre-processor component 158, the data packets comprising the filtered(or unfiltered) input audio signal detected by the sensor. The dataprocessing system 102 can identify an acoustic signature from the inputaudio signal. The data processing system 102 can identify, based on alookup in a data repository (e.g., querying a database), an electronicaccount 122 corresponding to the acoustic signature. The data processingsystem 102 can establish, responsive to identification of the electronicaccount 122, a session and an account for use in the session. Theaccount 122 can include a profile having one or more policies. The dataprocessing system 102 can parse the input audio signal to identify arequest and a trigger keyword corresponding to the request.

The data processing system 102 can provide, to the pre-processorcomponent 158 of the client computing device 126, a status. The clientcomputing device 126 can receive the indication of the status. The audiodriver can receive the indication of the status of the profile, andgenerate an output signal based on the indication. The audio driver canconvert the indication to an output signal, such as sound signal, oracoustic output signal. The audio driver can drive the transducer 154(e.g., speaker) to generate sound based on the output signal generatedby the audio drive.

In some cases, the client computing device 126 can include a displaydevice 160. The display device 160 can include one or more LEDs, lights,display, or other component or device configured to provide an opticalor visual output. The pre-processor component 158 can cause the lightsource to provide a visual indication corresponding to the status. Forexample, the visual indication can be a status indicator light thatturns on, a change in color of the light, a light pattern with one ormore colors, or a visual display of text or images.

The NLP component 106 can obtain the input audio signal. From the inputaudio signal, the NLP component 106 can identify at least one request orat least one trigger keyword corresponding to the request. The requestcan indicate intent or subject matter of the input audio signal. Thetrigger keyword can indicate a type of action likely to be taken. Thetrigger keyword can be a wakeup signal or hotword that indicates to theclient computing device 126 to convert the subsequent audio input intotext and transmit the text to data processing system 102 for furtherprocessing. For example, the NLP component 106 can parse the input audiosignal to identify at least one request to leave home for the evening toattend dinner and a movie. The trigger keyword can include at least oneword, phrase, root or partial word, or derivative indicating an actionto be taken. For example, the trigger keyword “go” or “to go to” fromthe input audio signal can indicate a need for transport. In thisexample, the input audio signal (or the identified request) does notdirectly express an intent for transport, however the trigger keywordindicates that transport is an ancillary action to at least one otheraction that is indicated by the request.

The NLP component 106 can parse the input audio signal to identify,determine, retrieve, or otherwise obtain the request and the triggerkeyword. For instance, the NLP component 106 can apply a semanticprocessing technique to the input audio signal to identify the triggerkeyword or the request. The NLP component 106 can apply the semanticprocessing technique to the input audio signal to identify a triggerphrase that includes one or more trigger keywords, such as a firsttrigger keyword and a second trigger keyword. For example, the inputaudio signal can include the sentence “I want a ride to the airport.”The NLP component 106 can apply a semantic processing technique, orother natural language processing technique, to the data packetscomprising the sentence to identify the request or trigger phrases “wanta ride” and “airport”. The NLP component 106 can further identifymultiple trigger keywords, such as want and ride. For example, the NLPcomponent 106 can determine that the trigger phrase includes the triggerkeyword and a second trigger keyword.

The NLP component 106 can filter the input audio signal to identify thetrigger keyword. For example, the data packets carrying the input audiosignal can include “It would be great if I could get someone that couldhelp me go to the airport”, in which case the NLP component 106 canfilter out one or more terms as follows: “it”, “would”, “be”, “great”,“if”, “I”, “could”, “get”, “someone”, “that”, “could”, or “help”. Byfiltering out these terms, the NLP component 106 may more accurately andreliably identify the trigger keywords, such as “go to the airport” anddetermine that this is a request for a taxi or a ride sharing service.

In some cases, the NLP component 106 can determine that the data packetscarrying the input audio signal includes one or more requests. Forexample, the input audio signal can include the sentence “I want topurchase an audiobook and monthly subscription to movies.” The NLPcomponent 106 can determine this is a request for an audio book and astreaming multimedia service. The NLP component 106 can determine thisis a single request or multiple requests. The NLP component 106 candetermine that this is two requests: a first request for a serviceprovider that provides audiobooks, and a second request for a serviceprovider that provides movie streaming. In some cases, the NLP component106 can combine the multiple determined requests into a single request,and transmit the single request to a 3P developer device 150. In somecases, the NLP component 106 can transmit the individual requests toanother service provider device, or separately transmit both requests tothe same 3P developer device 150.

The data processing system 102 can include a direct action API 108designed and constructed to generate, based on the trigger keyword, anaction data structure responsive to the request. The direct action API108 can generate the action data structure to cause an application toperform the corresponding action. The direct action API 108 can transmitthe action data structure to the application installed on the clientcomputing device 126 to cause the client computing device 126 to performthe corresponding action or initiate an action. The action datastructure generated by the direct action API 108 can include a deep linkfor an application installed on the client computing device 126. Theapplication installed on the client computing device 126 can thenperform the action or communicate with the 3P developer device 150 or a3P developer device 150 to perform the action.

Processors of the data processing system 102 can invoke the directaction API 108 to execute scripts that generate a data structure toprovide to an application installed on the client computing device 126,a 3P developer device 150, or other service provider to obtain a digitalcomponent, content, order a service or product, such as a car from a carshare service or an audiobook. The direct action API 108 can obtain datafrom the data repository 118, as well as data received with end userconsent from the client computing device 126 to determine location,time, user accounts, logistical or other information to allow the 3Pdeveloper device 150 to perform an operation, such as reserve a car fromthe car share service. Using the direct action API 108, the dataprocessing system 102 can also communicate with the 3P developer device150 to complete the operation by in this example making the car sharepick up reservation.

The direct action API 108 can execute a specified action to satisfy theend user's intention, as determined by the data processing system 102.Depending on the action specified in its inputs and the parameters orrules in the data repository 118, the direct action API 108 can executecode or a dialog script that identifies the parameters required tofulfill a user request. The direct action API 108 can execute anapplication to satisfy or fulfill the end user's intention. Such codecan look-up additional information, e.g., in the data repository 118,such as the name of a home automation service, or third-party service,or it can provide audio output for rendering at the client computingdevice 126 to ask the end user questions such as the intendeddestination of a requested taxi. The direct action API 108 can determineparameters and can package the information into an action datastructure, which can then be sent to another component of the dataprocessing system 102 to be fulfilled.

The direct action API 108 can receive an instruction or command from theNLP component 106, or other component of the data processing system 102,to generate or construct the action data structure. The direct actionAPI 108 can determine a type of action in order to select a templatestored in the data repository 118. The actions can be fulfilled byapplications provided by the data processing system 102 and submitted bya 3P developer device 150. The application can perform or facilitate theperformance of the action. Example types of actions can include, forexample, watch action, listen action, read action, navigation action, orweather action. Types of actions can include or be configured toprovide, for example, services, products, reservations, tickets,multimedia content, audiobook, manage subscriptions, adjustsubscriptions, transfer digital currency, make purchases, or music.Types of actions can further include types of services or products. Forexample, types of services can include car share service, food deliveryservice, laundry service, maid service, repair services, householdservices, device automation services, or media streaming services. Typesof products can include, for example, clothes, shoes, toys, electronics,computers, books, or jewelry. Types of reservations can include, forexample, dinner reservations or hair salon appointments. Types oftickets can include, for example, movie tickets, sports venue tickets,or flight tickets. In some cases, the types of services, products,reservations or tickets can be categorized based on price, location,type of shipping, availability, or other attributes.

The NLP component 106 can parse the input audio signal to identify arequest and a trigger keyword corresponding to the request, and providethe request and trigger keyword to the direct action API 108 to causethe direct action API to generate, based on the trigger keyword, a firstaction data structure responsive to the request. The direct action API108, upon identifying the type of request, can access the correspondingtemplate from a template repository (e.g., data repository 118).Templates can include fields in a structured data set that can bepopulated by the direct action API 108 to further the operation that isrequested via input audio detected by the client computing device 126(such as the operation of sending a taxi to pick up an end user at apickup location and transport the end user to a destination location).The direct action API 108, or client computing device 126, can launch ortrigger an application to fulfill the request in the input audio. Forexample, a car sharing service application can include one or more ofthe following fields: device identifier, pick up location, destinationlocation, number of passengers, or type of service. The direct actionAPI 108 can populate the fields with values. To populate the fields withvalues, the direct action API 108 can ping, poll or otherwise obtaininformation from one or more sensors 152 of the client computing device126 or a user interface of the client computing device 126. For example,the direct action API 108 can detect the source location using alocation sensor, such as a GPS sensor. The direct action API 108 canobtain further information by submitting a survey, prompt, or query tothe end of user of the client computing device 126. The direct actionAPI 108 can submit the survey, prompt, or query via interface 104 of thedata processing system 102 and a user interface of the client computingdevice 126 (e.g., audio interface, voice-based user interface, display,or touch screen). Thus, the direct action API 108 can select a templatefor the action data structure based on the trigger keyword or therequest, populate one or more fields in the template with informationdetected by one or more sensors 152, from the data value generatorcomponent 112, or obtained via a user interface, and generate, create orotherwise construct the action data structure to facilitate performanceof an operation by the 3P developer device 150.

The system 100 can include or communicate with a third party (“3P”)developer device 150. The 3P developer device 150 can include one ormore system or component of system 400 depicted in FIG. 4. The 3Pdeveloper device 150 can include or be associated with one or morecomputing devices or servers. The 3P developer device 150 can generate,construct or develop an electronic document. An electronic document canrefer to or include a web page, HTML document, digital media file,images, text, or a web-based application. The electronic document caninclude input form field, buttons, graphical user interface elements, orwidgets. The electronic document can be presented via a computing device126, and configured to receive input from a user via an interface of thecomputing device 126. The electronic document can generate a prompt orother request for input from the user. The electronic document canpresent visual output or audio output. The 3P developer 150 cangenerate, construct or develop one or more portions of the electronicdocument. The electronic document can be referred to as a 3P document asit can be provided by the 3P developer device 150. The 3P developerdevice 150 can provide the electronic document to the data processingsystem 102.

For example, the 3P developer device 150 can include an online retailer.The online retailer can generate an electronic document that is a webpage for a product sold by the online retailer. The electronic documentcan request input from a user to complete a transaction, such as afinancial account number. In another example, the 3P developer device150 can include a package delivery provider, and the electronic documentcan provide tracking information. The electronic document can request,from the user, a tracking number in order to perform a lookup anddetermine the tracking status. The user can input the tracking numbervia an interface of the computing device 126.

However, due to the limited input capabilities on certain computingdevices 126 (e.g., small touchscreen or keyboard, voice only input), itcan be challenging to input the requested information into an electronicdocument. Further, the requested input may not be readily available andmay result in additional remote procedure calls or lookups into externalsources or external account in order to obtain the requested inputinformation. For example, a user may log into an account or datarepository different from the electronic document in order to obtain theinformation requested by the electronic document. On certain computingdevices 126 with limited capabilities, it may be challenging,inefficient or not possible to access such external accounts in order toobtain the requested information for the electronic document. Thus, the3P developer device 150 can provide the electronic document to the dataprocessing system 102 of the technical solution.

The data processing system 102 can include, interface with or otherwiseaccess a validation component 110 designed, constructed or operationalto receive, from a third party developer device 150, the electronicdocument. The electronic document can be configured to interface with aruntime 140 application programming interface. The validation component110 can validate the electronic document based on a validation policy120. The validation component 110 can store, responsive to validation ofthe electronic document, the electronic document on a cache server 114of the data processing system 102.

The 3P developer device 150 can construct the electronic document (or 3Pdocument 132) to interface with a runtime API (e.g., runtime 140) byinserting tags using a markup language or declarative language. Themarkup language can include or indicate tags. The tags can indicatecontextual information about the electronic document. Contextualinformation can include any information about the electronic documentthat can facilitate the data processing system 102 identifying datavalues for input into an input form field of the electronic document.Tags can indicate a type of electronic web page, vertical of theelectronic web page, topics associated with the electronic web page,type of input used by the electronic web page, or other informationassociated with the electronic web page, content of the electronic webpage, services provided by the electronic web page, or functionsprovided by the electronic web page.

The validation component 110 can receive an application submitted by a3P developer device 150. The validation component 110 can validate theelectronic document using one or more validation policies 120 stored inthe data repository 118. The validation component 110 can retrieve, fromthe data repository 118, a validation policy 120 to apply to theelectronic document. To validate the electronic document, the validationcomponent 110 can parse the electronic document. The validationcomponent 110 can parse the electronic document responsive to receivingthe electronic document from the 3P developer device 150. The validationcomponent 110 can validate the electronic document responsive to arequest to validate the electronic document. The validation component110 can receive the request to validate the electronic document from the3P developer device 150, or from a component of the data processingsystem 102.

The validation component 110 can use a validation policy 120 to validatethe electronic document. The validation policy 120 can indicate types ofcontent, formats, scripts, functions, or components that are prohibitedfrom the electronic document. The validation component 110 can parse theelectronic document or extract data from the electronic document. Thevalidation component 110 can compare the output from parsing theelectronic document or the results of extracting the electronic documentwith the validation policy 120 to determine if one or more items orcomponents in the electronic document are prohibited. If the electronicdocument passes the validation policy 120 (e.g., validation component110 does not detected any of the prohibited items as indicated by thevalidation policy 120), the validation component 110 can indicate thatthe electronic document is valid. If, however, the validation component110 detects, in the electronic document, one or more prohibited items asindicated by the validation policy 120, then the validation component110 can determine the electronic document is invalid.

For example, the validation policy 120 can indicate that electronicdocuments containing an object-oriented language configured to provideinteractive effects or functions, such as JavaScript, are invalid. Thevalidation component 110 can parse the electronic document to detect atag or file name with a “.js” or a text file containing JavaScript code.Upon detecting a *.js file or JavaScript code in the electronicdocument, the validation component 110 can determine that the electronicdocument contains or utilizes JavaScript. The validation component 110can apply or execute the validation policy 120 to determine whether toblock, reject, prevent or remove, from storage, the electronic document.Thus, the validation component 110, using the validation policy 120, candetermine to validate or not validate the electronic document based onwhether the electronic document contains JavaScript. For example, thevalidation component 110 can validate, responsive to the determinationthat JavaScript is absent from the electronic document, the electronicdocument for storage in the cache server 114 of the data processingsystem 102. If, for example, the validation component 110 detects apresence of JavaScript in an electronic document, the validationcomponent can determine, responsive to detection of the presence of theJavaScript in the electronic document, not to validate the electronicdocument and remove the electronic document from storage in the cacheserver 114.

The validation component 110 can validate or invalidate an electronicdocument based on a format of the electronic document. The validationpolicy 120 can indicate approved or valid formats. The validation policy120 can indicate prohibited or invalid formats. For example, thevalidation policy 120 can indicate valid or invalid formats for a markuplanguage. Formats for a markup language can include, for example, LaTex,Extensible Markup Language (XML),Generalized Markup Language(GML),Standard Generalized Markup Language (SGML), or HyperText MarkupLanguage (HTML). The approved format can be HTML or XML, and the invalidformat can be LaTex, for example. The validation policy 120 can furtherindicate valid or invalid tags.

The validation component 110 can determine, based on a format of themarkup language or absence of JavaScript, that the electronic documentis valid for secure communication in mobile digital pages. Thevalidation component 110 can store, in the cache server 114, theelectronic document responsive to validation of the electronic documentfor secure communication in mobile digital pages.

The validation component 110 can validate the electronic document beforestoring the electronic document in storage of the data processing system102, or in a cache server 114. The data processing system 102 can storevalidated documents. The data processing system 102 can determine not tostore invalid documents. The data processing system 102 can determine toremove invalid electronic documents, or documents that fail thevalidation process performed by the validation component 110. Bydetermining to not store invalid electronic documents, the dataprocessing system 102 can reduce memory or storage utilization in thedata repository 118. The data processing system 102 can prevent ormitigate erroneous activity from occurring on a client computing device126 by not forwarding an invalid document to the client computing device126, thereby preventing the client computing device 126 from executingor rendering an invalid document that may contain errors or unauthorizedfunctionality. The data processing system 102 can prevent or mitigatesecurity failures by determining not to forward or transmit invaliddocuments to client computing devices 126. Thus, the validationcomponent 110 can reduce computing resource utilization of the dataprocessing system 102 (e.g., memory utilization), reduce or preventerrors or crashes from occurring on the client computing device 126, andavoid security failures on the client computing device 126. A securityfailure can occur as a result of an electronic document containing code,such as JavaScript, that may be susceptible to a hack or vulnerabilitythat can be exploited by a malicious third part. The validationcomponent 110, using the validation policy 120, can determine not tostore, in the cache server 114, such electronic document and not totransmit such electronic documents to client computing devices 126.

The data processing system 102 can provide a prompt to the 3P developerdevice 150 indicating the status of the validation. The data processingsystem 102 can indicate that validation was successful or thatvalidation was unsuccessful or a failure. If the data processing system102 determines that an electronic document is invalid or failsvalidation, the data processing system 102 can automatically resolve,modify, or fix the errors detected in electronic document so theelectronic document can be validated, or the data processing system 102can transmit a request to the 3P developer device 150 to resolve theerrors detected in the electronic document.

The data processing system 102 can automatically resolve, debug, or fixthe electronic document responsive to detection of an error or that theelectronic document is invalid. The data processing system 102 canautomatically debug or resolve the electronic document by removing orscrubbing the erroneous or invalid code. For example, the dataprocessing system 102 can remove a JavaScript file or JavaScript codefrom the electronic document. The data processing system 102 canautomatically resolve the electronic document containing code in aninvalid format by translating or re-formatting the code into a valid orapproved format. For example, the data processing system 102 can detectmarkup language in LaTex format, and automatically translate the markuplanguage into an approved format such as HTML or XML, or some otherapproved format. Thus, the validation component 110 can determinewhether an electronic document is valid using a validation policy 120,determine whether to store the document, reject the electronic document,or resolve the electronic document prior to storage in the cache server114.

The data processing system 102 can include a cache server 114 designed,constructed and operational to store third party (“3P”) documents 116.3P documents 116 can refer to one or more electronic documents (e.g., 3Pdocument 132) provided by a 3P developer device 150. The 3P documents116 can include electronic document that were validated by thevalidation component 110 for storage in the cache server 114. The cacheserver 114 can store the 3P documents 116 validated by the validationcomponent 110 and transmit 3P documents 116 to client computing devices126 upon request. The cache server 114 can provide caching or re-hostingto improve performance.

The cache server 114 can save or store electronic documents that havebeen validated. The cache server 114 can refer to or include a dedicatednetwork server or service acting as a server that saves electronicdocuments (e.g., web pages, media files, or other Internet content)locally. The cache server 114 can speed up access to electronicdocuments by storing electronic documents in a temporary storage orcache. The cache server 114 can reduce demands on bandwidth of the 3Pdeveloper device 150 or servers associated with the 3P developer device150. The cache server 114 can reduce server or network delay or lag bystoring or caching electronic documents, such as web pages, images, andother types of Web multimedia.

The cache server 114 can refer to or include a proxy server. A proxyserver can be a server that represents client computing devices 126 byintercepting requests from the client computing device 126 and managingthe requests for the client computing devices 126. The proxy server canfacilitate matching incoming messages with outgoing requests. Thus, theproxy server can cache the files that are received for later recall by aclient computing device 126. The client computing device 126, or userthereof, may not be aware of the functionality provided by the proxyserver or cache server 114 because requests from the client computingdevice 126 and returned responses can appear to be coming from theaddressed place on the Internet. For example, the viewer component 128of the client computing device 126 can be configured with an internetprotocol (“IP”) address of the cache server 114 and can transmit requestfor electronic documents to the cache server 114.

The cache server 114 can be configured with various controls. Forexample, controls can include freshness, validation and invalidation.The cache server 114 can be configured with a freshness control to allowa response to be used without re-checking it on the origin server (e.g.,3P developer device 150 or server thereof), and can be controlled byboth the server and the client computing device 126. For example, an“expires” response header can provide a date when the electronicdocument becomes stale, and the Cache-Control: max-age directive canindicate to the cache for how many seconds the response is fresh.

The cache server 114 can be configured with a validation control. Thevalidation control can be used to check whether a cached response isstill valid after it becomes stale. For example, if the response has aLast-Modified header, a cache can make a conditional request using theIf-Modified-Since header to see if the electronic document has changed.The ETag (entity tag) mechanism can allow for both strong and weakvalidation. This validation control can take into account one or moreaspect of the validation policy 120. The validation control can be set,provided or modified by the validation component 110.

The cache server 114 can be configured with an invalidation control. Theinvalidation control can refer to clearing, removing or otherwiseinvalidating the cache or an electronic document stored in the cache.The invalidation control can be set if a URL associated with a cachedresponse subsequently gets a POST, PUT or DELETE request. Theinvalidation control can take into account one or more aspect of thevalidation policy 120. The invalidation control can be set, provided ormodified by the validation component 110.

The cache server 114 can store the 3P documents 116 in a temporarystorage, memory, or other type of storage. The 3P documents 116 can bestored in a data structure, as data files or other data storagetechnique. The 3P documents 116 can be associated with an identifier,metadata, or an indication of the 3P developer device 150 that providedthe electronic document. The 3P documents 116 can be stored with anindication of an expiration date of the electronic document or otherinformation to facilitate delivering or transmitting electronicdocuments. 3P documents 116 can include electronic documents provided byone or more 3P developer devices 150 via network 101.

The data processing system 102 can receive a request for electroniccontent from a client computing device 126. The data processing system102 can intercept a request for the electronic content. The request canbe for electronic content of the 3P developer device 150. The dataprocessing system 102 can receive the request from a component of theclient computing device 126. For example, the client computing device126 can execute a component configured to transmit requests forelectronic content to the data processing system 102.

The client computing device 126 can include or execute a viewercomponent 128. The viewer component 128 can include an applicationdesigned, constructed or operational to render or present electroniccontent. The viewer component 128 can include, for example, anapplication. The viewer component 128 can include a web browser, nativeapplication, web application, or other component configured to transmitrequests for electronic content, receive electronic content, and renderelectronic content. The viewer component 128 can be configured totransmit requests for electronic documents to the cache server 114. Thecache server 114 can intercept a request to access the electronicdocument. Intercepting the request can refer to the cache server 114receiving the request for the electronic document instead of the 3Pdeveloper device 150. The cache server 114 can intercept the request byconfiguring the viewer component 128 with the IP address of the cacheserver 114 such that requests for electronic documents for the 3Pdeveloper device 150 are transmitted to the cache server 114 instead ofthe 3P developer device 150, or a server associated with the 3Pdeveloper device 150. By configuring the viewer component 128 totransmit requests to the cache sever 114 instead of the 3P developerdevice 150, the system 100 can reduce lag or delay associated withresponses to requests for electronic document.

Responsive to the request for the electronic document, the cache server114 can perform a lookup in storage of the cache server 114 to determinethat the electronic document has been validated and stored in the cacheserver 114. The cache server 114 can retrieve, from storage (e.g., 3Pdocuments 116) in the cache server 114, the electronic document insteadof accessing a server of the third party developer device 150 thatprovided the electronic document. The cache server 114 can transmit,from storage of the cache server 114, the electronic document to theviewer component 128 executed by the client computing device 126.

The viewer component 128 can include or execute a loading orchestratorcomponent 144 designed, configured or operational to load electronicdocuments in the viewer component 128. The loading orchestratorcomponent 144 can receive the electronic document from the dataprocessing system 102. The loading orchestrator component 144 can parseor process the electronic document to render or otherwise present theelectronic document in the viewer component 128. The loadingorchestrator component 144 can parse the electronic document receivedfrom the cache server 114 to determine whether to retrieve, download, orotherwise obtain or utilize additional resources for the electronicdocument. The loading orchestrator component 144 can parse the markuplanguage of the electronic document (e.g., HTML) to determine whether todownload additional resources.

The loading orchestrator component 144 can transmit one or more requeststo the data processing system 102 (or cache server 114 or other externalserver) to download one or more additional files or resources associatedwith the electronic document. Additional files or resources can include,for example, a cascading style sheet (“css” file) or images. A css filecan be a text file used for formatting content on the electronicdocument and can include information such as font, size, color, spacing,boarder, or location of HTML information on the electronic document. Theloading orchestrator component 144 can, upon downloading the one or morefiles or resources associated with the electronic document, build theelectronic document. The loading orchestrator component 144 can buildthe electronic document for display by combining the information foundin the retrieved electronic document (e.g., the original HTML file) andthe additional information found in the resources. The loadingorchestrator component 144 can build the document object map (“DOM”),which can include a map of where things are displayed on a pageaccording to the HTML. The DOM can map out the page in a relationalmanner. The loading orchestrator component 144 can build the CSS objectmap (“CSSOM”), which can map what styles should be applied to differentparts of the electronic document according to the CSS using styles. Theloading orchestrator component 144 can build a render tree, which caninclude combining the DOM and the CSSOM to create a map of how theelectronic document is to be laid out and painted.

The loading orchestrator component 144 can render or paint theelectronic document in an iframe 130 of the viewer component 128 afterbuilding the electronic document. The viewer component 128 can includean iframe 130. An iframe 130 can refer to an inline frame. The iframe130 can be an HTML document embedded inside another HTML document in theviewer component 128. The viewer component 128 can use the iframe 130element to insert the electronic document for display via the viewercomponent 128. The iframe 130 can be embedded in the viewer component128. The viewer component 128 can load, in the iframe 130, theelectronic document for display via the client computing device 126. Theviewer component 128 can restrict the iframe 130 from accessing certainportions of the viewer component 128 or accessing certain memory orfunctionality of the client computing device 126. Thus, the viewercomponent 128 can establish security restrictions or other controls forthe iframe 130 to limit the types of access or functionality provided bythe iframe 130.

The loading orchestrator component 144 can load, render, present orembed the electronic document (or 3P document 132) in the iframe 130.The 3P document 132, which can refer to the electronic documentretrieved from the cache server 114 and presented in the iframe 130, caninclude main content 134. Main content 134 can include, for example,text, images, video, or audio. Main content 134 can include, forexample, a news article, an entertainment website, blog posts, games,services, or other content. The 3P document 132 can include tags 136coded in a markup language 138. Markup language 138 can be in a formatand of a type approved by the validation component 110. The markup 138can be used to provide tags 136 in the 3P document 132 that providecontextual indication for the 3P document 132.

Tags 136 can indicate information about the 3P document 132 orinformation about input requested by the 3P document 132. Tags 136 canindicate a type of input, information about the input, input parameters,input values, or format of the input. Tags 136 can include predeterminedtags or custom tags. For example, on an 3P document 132 used to trackdelivery or shipping status, a tag 136 can indicate that input requestedfor 3P document 132 in order to fulfill or perform a tracking serviceincludes a tracking number for the item being delivered or shipped. Inanother example, for a 3P document 132 used to purchase an item the tag136 can indicate that input requested for the 3P document 132 in orderto fulfill or perform the purchase includes an address of the user orfinancial account information. Thus, the tag 136 can indicate inputinformation that facilitates the 3P document 132 or 3P developer device150 in performance or fulfillment of an action, request or serviceassociated with the 3P document 132. The 3P developer (e.g., via the 3Pdeveloper device 150) can establish the tags 136 in the 3P document 132using a markup language 138 to facilitate data exchange via a securecommunication channel 142. Tags 136 can include alphanumeric characters,symbols, or strings. For example, if the markup language 138 includesHTML, the tags can be provided as a meta tag or hidden tag. The tags 136can include an indication that the tag 136 is to be used by the runtimecomponent 140 or data processing system 102 for selecting data valuesfor input to the 3P document 132.

The viewer component 128 can host a runtime component 140 designed,constructed or operational to identify a tag 136 coded with a markuplanguage 138 in the electronic document (e.g., 3P document 132). Theruntime component 140 can include one or more rules or components. Theruntime component 140 can include code, program, functions, or logic.The runtime component 140 can include JavaScript. The runtime component140 can be configured to interface with the 3P document 132. Forexample, the 3P document 132 can be presented in an iframe 130 that hasrestricted access. The 3P document 132 can interface with the runtimecomponent 140 via an application programming interface. The runtimecomponent 140 can parse the 3P document 132 to identify tags 136 in the3P document 132. Responsive to the viewer component 128 receiving orloading the 3P document 132 in the iframe 130, the runtime component 140can execute. The runtime component 140 can parse the 3P document 132 toidentify tags 136. For example, tags 136 can include an indication thattriggers the runtime component 140 to capture the tag 136 or informationthereof, such as contextual information about the 3P document 132.

The runtime component 140 can parse the tags to determine the contextualinformation. The runtime component 140 can extract the contextualinformation from the tags 136 using any parsing technique, including,for example, keyword parsing technique, semantic parsing, or otherprocessing. The runtime component 140 can forward the contextualinformation to the data exchange component 146 of the viewer component128 for forwarding to the data processing system 102. The runtimecomponent 140 can forward the extracted information to the data exchangecomponent 146 via a secure communication channel 142.

The viewer component 128 can include or execute a data exchangecomponent 146. The data exchange component 146 can include one or morerules, scripts, or a program. The data exchange component 146 canreceive, from the runtime component 140 via a secure communicationchannel 142, an indication of the tag 136.

The runtime component 140 and data exchange component 146 can establishthe secure communication channel 142. The secure communication channel142 can be secure because the 3P developer device 150 may not be able toaccess the data or contents transmitted via the secure communicationchannel 142. The secure communication channel 142 can refer to acommunication between a component executed within an iframe 130 and acomponent outside the iframe 130, such as the data exchange component146 executed by the viewer component 128. The secure communicationchannel 142 can be used to transmit messages between the runtimecomponent 140 and the data exchange component 146. Messages can be sentto, from or between iframes or a parent frame using the securecommunication channel 142. For example, the viewer component 128 (e.g.,via data exchange component 146) can send messages to an iframe 130 (orruntime component 140 thereof) using, for example,“iframeE1.contentWindow.postMessage”. The viewer component 128 or parentframe, via the data exchange component 146, can receive messages using,for example, “window.addEventListener(‘message’). The iframe 130 (orruntime component 140) can send messages to the viewer component 128using, for example, “window.parent.postMessage”. The iframe 130 (e.g.,runtime component 140) can receive messages using, for example,“window.addEventListener(‘message’). This postMessage( ) technique canaccept parameters, such as message and targetOrigin. The messageparameter can include a string or an object that is to be sent to thereceiving window. The targetOrigin parameter can include the uniformresource locator (“URL”) of the window that the message is being sentto. The protocol, port and hostname of the target window can be set tomatch this parameter for the message to be sent. Using a wildcard, suchas “*” can match any URL.

The data exchange component 146 and runtime component 140 cancommunicate with one another. For example, the data exchange component146 can correspond to a parent frame and the runtime component 140 canexecute in an iframe 130 that is a child frame of the parent frame. Inanother example, the data exchange component 146 can be loaded in aseparate iframe 130, in which case the data exchange component 146 andruntime component 140 can communicate with one another using the parentframe of the viewer component 128 as a relay. For example, a parentframe (e.g., first frame) can have two child iframes (e.g., secondiframe and third iframe). The second iframe can communicate with theparent frame, which can relay the communication to the third iframe. Thethird iframe can reply to the communication by sending a message back tothe parent frame, which can relay the message to the second iframe.Thus, the secure communication channel 142 can include the viewercomponent 128 relaying messages between the runtime 140 and the dataexchange component 146.

The data exchange component 146 can transmit, to the data processingsystem 102, the contextual information extracted by the runtimecomponent 140 from tags 136. The data exchange component 146 cantransmit the extracted information with a request for data values oradditional information responsive to the contextual informationassociated with the 3P document 132. The data exchange component 146 cancommunicate with the data processing system 102 to obtain data values.The data processing system 102 can include a data value generatorcomponent 112 designed, constructed or operational to obtain data valuesresponsive to the tags 136 in the 3P document 132. The data valuegenerator component 112 can receive, from the viewer component 128(e.g., via the data exchange component 146) the indication of the tag136. The data value generator component 112 can select, based on theindication of the tag 136, a data value.

The data value generator component 112 can use one or more selectiontechnique to identify data values responsive to the tags 136 receivedfrom the data exchange component 146. The data value generator component112 can access data repository 118 to identify account information 122that stores data values 124. The data value generator component 112 canperform a lookup in the account 122 data structure to determine datavalues 124 that are responsive to the tag 136 and facilitate the 3Pdocument 132 or 3P developer device 150 in performance of a service,action or function. The data value generator component 112 can select oridentify values that can be used by the direct action API 108 togenerate an action data structure that can be transmitted to the 3Pdeveloper device 150 to perform or fulfill a request.

The data value generator component 112 can use a semantic processingtechnique, selection criteria, machine learning, or other technique toselect or identify candidate data values. The data value generatorcomponent 112 can access one or more sources to determine the datavalues. For example, the data value generator component 112 can accessan account data structure 122 containing data values 124 associated withthe client computing device 126, or user thereof. The data processingsystem 102 can be configured to query external data sources associatedwith the client computing device 126, responsive to authorization fromthe client computing device 126.

The data value generator component 112 can identify one or more datavalues that are responsive to the context information received from thedata exchange component 146. The data value generator component 112 canidentify multiple data values. The data value generator component 112can determine to transmit one or more data values identified by the datavalue generator component 112 to the data exchange component 146 orviewer component 128. In some embodiments the data value generator maynot be able to identify particular data values that are directlyresponsive to the context information and the data value generatorcomponent 112 can determine to transmit a subset of the identified datavalues based on a ranking or filter technique. For example, each datavalue can be associated with a confidence score or ranking score orrelevance score. The data value generator component 112 can determine totransmit the highest ranking data values because those data values maybe the most likely to be responsive to the contextual information of the3P document 132. In some cases, the data value generator component 112can transmit the top three ranking data values, top five, top 10, orother number of the data values.

For example, the contextual information can indicate that addressinformation is requested by the 3P document 132 in order to perform aservice or action. The data value generator component 112 can perform alookup in the data value data structure 124 of the account 122corresponding to the client computing device 126 to identify theaddress. The data value 124 can include one or more addresses. The datavalue generator component 112 can transmit, responsive to the request,the one or more addresses retrieved from the data values data structure124. In another example, the contextual information can indicate that afinancial account information is requested by the 3P document 132 toperform an action or service. The data value generator component 112,upon receiving the contextual information, can perform a lookup in thedata value 124 data structure to identify one or more accountidentifiers, and transmit, via network 101, the one or more accountidentifiers to the viewer component 128. Thus, the data value generatorcomponent 112 can generate data values responsive to the contextualinformation extracted by the runtime component 140 from tags 136.

The viewer component 128 can receive data values generated or providedby the data value generator 112. The viewer component 128 can preventthe 3P document 132 from accessing the received data values. Forexample, the secure communication channel 142 can control access to thedata values or prohibit access by the 3P document 132. The viewercomponent 128, upon receiving the data values from the data processingsystem 102, can request authorization from the client computing device126, or user thereof, before inputting the data values into the 3Pdocument 132.

The viewer component 128 can include or execute an overlay component 148designed, constructed or operational to generate a prompt comprising theone or more data values received from the data processing system 102.The overlay component 148 can generate graphical user interface, window,button, or other notification that includes the one or more data values.The overlay component 148 can generate the prompt containing the datavalues prior to granting the 3P document 132 with access to the datavalues, thereby maintaining a secure communication channel 142. Theoverlay component 148 can generate a popup window or other userinterface element with one or more buttons or controls. The overlaycomponent 148 can determine to overlay the window over the 3P document132. For example, the overlay component 148 can generate a suggestiondrop down menu or auto fill drop down menu or suggests at a position onthe 3P document 132 that corresponds to the input form field or inputtext box on the 3P document 132. The overlay component 148 can renderthe data value on the 3P document 132 in a separate iframe that issecure and cannot be accessed by the 3P document 132.

The overlay component 148 can provide the data values for display andinclude an input button to allow the client computing device 126 toselect the data value or authorize a data value for transmission to the3P document 132. For example, the overlay component 148 can receivethree different addresses from the data value generator component 112.The overlay component 148 can provide, in a secure manner, an indicationof the three candidate addresses via the viewer component 128. Theoverlay component 148 can include a button or other input mechanism toallow the client computing device 126 to select one of the threecandidate addresses. The viewer component 128 can receive, from theclient computing device 126, a selection of a data value or anauthorization to transmit or provide the data value to the 3P document132. The viewer component 128 can receive, responsive to the prompt,input from the client computing device 126 authorizing the data value.

Responsive to the authorization of the data value, the viewer component128 can provide the data value to the 3P document 132. The viewercomponent 128 can provide the data value via the secure communicationchannel 142 established between the data exchange component 146 and theruntime component 140. The secure communication channel 142 can beconfigured to prohibit the 3P document 132 from accessing the data valueprior to authorization of the data value. For example, the overlaycomponent 148 may have had access to the data value in order to generatethe prompt, but the runtime component 140 and 3P document 132 may nothave had access to the data value unless it was authorized by the clientcomputing device 126. Further, the 3P document 132 or runtime component140 may not have access to all the candidate data values transmitted bythe data processing system 102 to the viewer component 128 and providedin the prompt by the overlay component 148. Rather, the 3P document 132may be granted access to the data value authorized by the clientcomputing device 126, but not to the other candidate data valuesdisplayed in the prompt by the overlay component 148 but not selected bythe client computing device 126 for provision to the 3P document 132.Thus, the secure communication channel 142 can be configured to onlytransmit extracted information from the tags 136 to the data exchangecomponent 146, and transmit authorized data values to the runtimecomponent 140 for input into the 3P document 132. Thus, the viewercomponent 128 can provide, via the secure communication channel 142 andresponsive to the input from the prompt, the data value to the runtimecomponent 140 to cause the runtime component 140 to execute an actionwith the data value via the electronic document (e.g., 3P document 132).

The runtime component 140 can input the data value into the 3P document132 and cause the 3P document 132 to execute an action using the datavalue. For example, the runtime component 140 can input an address intoan input form field in the 3P document 132, and then select a link orother trigger to initiate processing of the address to perform afunction. The runtime component 140 can input one or more authorizeddata values into one or more input fields in the 3P document 132.

For example, the data processing system 102 can receive, from the viewercomponent 128 interfacing with the runtime component 140 via the securecommunication channel 142, the indication of the tag 136. The dataprocessing system 102 (e.g., via the data value generator component 112)can retrieve, responsive to the tag 136, the data value from an account122 associated with the client computing device 126 stored on the dataprocessing system 102. The data processing system 102 can provide, tothe viewer component 128, the data value to cause the viewer component128 to generate the prompt including the data value. The data processingsystem 102 can identify the data value responsive to receipt of theindication of the tag from the viewer component 128. The data processingsystem 102 can search one or more electronic data sources associatedwith the client computing device 126 to identify the data valueresponsive to the indication of the tag. In some cases, the dataprocessing system 102 can identify multiple candidate data valuesresponsive to receipt of the indication of the tag 136 from the viewercomponent 128, and provide the multiple candidate data values fordisplay in the prompt. The prompt can restrict access by the 3P document132 (e.g., electronic document) to at least one of the plurality ofcandidate data values that has been authorized by the client computingdevice 126, but deny or prohibit access to the data values that have notbeen authorized by the client computing device 126, thereby providing asecure communication channel 142. Thus, the viewer component 128 blocksaccess to the data value by the 3P document 132 (e.g., electronicdocument) prior to the input from the client computing device 126authorizing or granting the access. The input can include an instructionfrom the client computing device 126 to grant the electronic documentaccess to the data value provided by the data processing system 102responsive to the indication of the tag 136.

FIG. 2 is an illustration of the operation of system 200 for securecommunication in mobile digital pages. The system 200 can include one ormore component of system 100 depicted in FIG. 1 or system 400 depictedin FIG. 4. System 200 can include a data processing system 102. The dataprocessing system 102 can communicate, interface with, or otherwiseinteract with a 3P developer device 150. At ACT 202, the data processingsystem can receive an electronic document (e.g., 3P document) from the3P developer device 150. The 3P developer device 150 can provide orupload the electronic document to the data processing system 102. At ACT204, the data processing system 102 can determine whether the electronicdocument is valid. The data processing system 102 can use a validationpolicy to determine whether the electronic document is valid. Thevalidation policy can take into account types of code in the electronicdocument, format of the electronic document, or content of theelectronic document. For example, the data processing system 102 candetermine that an electronic document is invalid if it containsJavaScript or markup language in an unapproved format.

If the data processing system 102 determines the electronic document isnot valid, the data processing system 102 can apply securityrestrictions and notify the 3P developer device 150 at ACT 206. The dataprocessing system 102 can generate a prompt or notification indicatingthat the electronic document failed validation or is invalid. The dataprocessing system 102 can further indicate the reasons the electronicdocument is invalid and provide a suggestion as to how to resolve, fixor otherwise modify the electronic document to make the electronicdocument valid. If the data processing system 102 determines theelectronic document is valid at ACT 204, the data processing system 102can proceed to store the electronic document in a cache server at ACT208.

At ACT 210, the data processing system 102 can receive a request toaccess the electronic document 210. A client computing device 126 canrequest access to the electronic document. The data processing system102 can receive the request from the client computing device 126. Theclient computing device 126 can include or execute a viewer component128. The viewer component 128 can be configured to transmit the requestto the data processing system 102 or a cache server of the dataprocessing system 102. For example, the viewer component 128 can beconfigured with an IP address of the data processing system 102 to useto route requests for electronic documents or certain types ofelectronic documents.

The data processing system 102, upon receiving the request via ACT 210,can process the request at ACT 212. The data processing system 102 canparse the identifier of the electronic document to determine whether thedata processing system 102 has a cached version of the electronicdocument. The data processing system 102 can perform a lookup in a cacheserver using the identifier to determine whether the electronic documentis in the cache. If the data processing system 102 determines theelectronic document is not stored in the cache server, the dataprocessing system 102 can proceed to ACT 216 and prohibit access tostored data values. The data processing system 102 can forward therequest to a 3P developer device 150 or a server associated with the 3Pdeveloper device 150. For example, the data processing system 102 candetermine that the electronic document is not stored in the cachebecause the electronic document has not yet been validated or determinedto be invalid at ACT 204. Thus, one of the security restrictions thatcan be applied at ACT 206 to the invalid document can includeprohibiting access to stored data values and directly forwarding therequest for the electronic document to the 3P developer device 150 orserver thereof.

If, however, the data processing system 102 determines that theelectronic document is stored in the cache at ACT 214, the dataprocessing system 102 can proceed to transmitting the cached document atACT 218 to the client computing device 126. The client component device126 can receive the electronic document. The viewer component 128executing on the client computing device 126 can load the electronicdocument. The viewer component 128 can load main content 134 of theelectronic content, such as an article, images, video or other contentto be presented for display. The viewer component 128 can render or loadthe electronic document in an iframe. The viewer component 128 can hosta runtime component 140 that can parse the electronic document toidentify tags in the electronic document coded using a markup language.The runtime component 140 can use JavaScript to parse the electronicdocument to extract tags or other contextual information. In some cases,the electronic document may not include tags configured by the 3Pdeveloper device 150, and the runtime component 140 can extract thecontextual information using semantic processing techniques.

The runtime component 140, upon identifying the contextual information,can transmit the contextual information to the data processing system102 at ACT 220. In some cases, the data processing system 102 may haveaccess to the contextual information in the cache server and withoutreceiving the contextual information from the runtime component 140.Responsive to identifying the contextual information of the electronicdocument, the data processing system 102 can select and provide datavalues at ACT 222. The data processing system 102 can use the contextualinformation to select data values. The data processing system 102 canaccess one or more data sources associated with the client computingdevice 126 to identify data values. The data processing system 102 canaccess profile information, account information, or other data sourcesauthorized by the client computing device 126. The data processingsystem 102 can identify one or more data sources linked to the clientcomputing device 126, and perform a lookup or otherwise select orextract data values from the data sources.

The data processing system 102 can provide the identified data values ascandidate data values at ACT 224. The data values can be referred to ascandidate data values because they have not yet been authorized orapproved by the client computing device 126 for input into theelectronic document. The data processing system 102 can provide one ormore data values as candidate data values. The data processing system102 can provide the data values to the viewer component 128 to cause theviewer component 128 to generate a prompt with candidate data values atACT 226. The prompt can be provided as an overlay over the electronicdocument or otherwise indicated to the user of the client computingdevice 126 without inputting the one or more data values into theelectronic document. The viewer component 128 can generate the promptusing any graphical user interface widget or functionality. In somecases, the prompt can include an audio prompt instead of or in additionto a graphical or visual prompt.

At ACT 228, the viewer component 128 can receive input. The input canindicate whether to authorize a data value for input into the electronicdocument. The input can include, for example, a selection, click,gesture, voice input, motion, or other indication that a data valueprovided via the prompt at ACT 226 is authorized or approved for inputinto the electronic document. At ACT 230, the viewer component 128 candetermine whether to provide the data value to the electronic document.If the viewer component 128 determines to provide the data value, theviewer component 128 can proceed to ACT 236 and transmit the data valueto the electronic document of the 3P developer device 150 to cause theelectronic document or 3P developer device to execute an action. If,however, the viewer component 128 determines, at ACT 230, not to providethe data values based on the user input received at ACT 228, the viewercomponent 128 can transmit an indication to the data processing system102 that the data values were rejected.

At ACT 232, responsive to receiving the indication that the data valueswere rejected from the client computing device 126, the data processingsystem 102 can determine whether to update the data value. Updating thedata value can refer to identifying additional candidate data values orproviding additional candidate data values that were not initiallyprovided to the client computing device at ACT 224. The data processingsystem 102 can determine to perform an additional lookup or selectadditional data values from one or more data sources. If the dataprocessing system 102 identifies additional data values that areresponsive to the contextual information of the electronic document, thedata processing system 102 can return to ACT 222 to select and providethe additional data values to the client computing device 126. If,however, the data processing system 102 does not identify any additionaldata values, the data processing system 102 can proceed to ACT 234 toterminate the communication with the viewer component 128. For example,the data processing system 102 can determine that additional candidatedata values are not available to the data processing system 102, andterminate the communication in order to reduce network bandwidthutilization, or session management by the data processing system 102.

FIG. 3 is an illustration of an example method of secure communicationin mobile pages. The method 300 can be performed by one or morecomponent, system or element of system 100 depicted in FIG. 1, system200 depicted in FIG. 2, or system 400 depicted in FIG. 4. For example,the method 300 can be performed by a data processing system. At ACT 302,the data processing system can receive an electronic document. The dataprocessing system can receive the electronic document from a 3Pdeveloper device. The data processing system can receive an electronicdocument configured to interface with a runtime application programminginterface (“API”). A runtime API can refer to or include a JavaScriptprogram that can parse the electronic document to extract information,and provide input information to the electronic document.

At ACT 304, the data processing system can validate the electronicdocument. The data processing system can validate the electronicdocument using a validation policy. Validating the electronic documentcan include, for example, determining whether the document includescertain types of content, code, or formats. The data processing systemcan validate the document if it does not include prohibited content,code or formats. The data processing system can invalidate the documentshould the electronic document contain prohibited content, code orformats. By invalidating certain documents, the data processing systemcan reduce security risks, errors, bugs, crashes on client computingdevices, and wasted computing resource utilization.

If, at ACT 306, the data processing system determines the electronicdocument is not valid, the data processing system can proceed to ACT 308to determine whether to automatically modify the electronic document.The data processing system can determine whether to automatically modifythe electronic document based on one or more factors or policies. Thedata processing system can determine to automatically modify theelectronic document if the 3P developer device authorized or instructedthe data processing system to automatically modify documents that wereinvalid. The data processing system can determine to automaticallymodify the electronic document if the reason the document was determinedinvalid corresponds to an issue that the data processing system isconfigured to remedy. For example, if the document was invalid becauseof formatting or a format of the markup language, and the dataprocessing system is configured to re-format the document to an approvedmarkup language format, then the data processing system can proceed toreformatting the electronic document. The data processing system candetermine to automatically modify the electronic document ifmodification includes removing references to JavaScript. The dataprocessing system can determine not to modify if it would entailremoving aspects of the electronic document that could result in furthererrors or bugs. The data processing system can, therefore, determine tomodify the electronic document based on the amount or type of validationfailures.

If the data processing system determines not to automatically modify theelectronic document, the data processing system can proceed to ACT 310and notify the 3P developer that the electronic document is invalid,reasons why the document is invalid, and request the 3P developer toresolve the issues in the electronic document.

If, at ACT 308, the data processing system determines to automaticallymodify the electronic document, the data processing system can proceedto ACT 312 and modify the electronic document. The data processingsystem can modify the electronic document by removing JavaScript, orre-formatting the electronic document based on the validation policy.

The data processing system can proceed to ACT 314 to store theelectronic document in the cache server. If, at ACT 306, the dataprocessing system determines the document is valid based on thevalidation policy, the data processing system can proceed to ACT 314 tostore the electronic document in the cache server. The data processingsystem can store, responsive to validation of the electronic document ormodification of the electronic document, the electronic document on acache server of the data processing system.

At ACT 316, the data processing system can receive a request for theelectronic document. The data processing system can receive the requestfrom a client computing device. The request can be to access theelectronic document. The data processing system can transmit theelectronic document from the cache server at ACT 318.

At ACT 320, the data processing system can receive contextualinformation from the client computing device. The contextual informationcan be extracted from tags in the electronic document. For example, aviewer component executing on the client computing device can load, inan iframe, the electronic document for display via the client computingdevice. The viewer component can execute, in the electronic document, aruntime component to identify a tag coded with a markup language in theelectronic document. The viewer component can receive, from the runtimecomponent via a secure communication channel, an indication of the tag.The secure communication channel can refer to a communication thatrestricts or prohibits the electronic document from accessing data thatmay be accessible or available to the viewer component or othercomponent of the viewer component. The data processing system canreceive, from the viewer component, the indication of the tag.

At ACT 322, the data processing system can select a data value based onthe indication of the tag. The data processing system can select thedata value responsive to the contextual information. The data processingsystem can select the data values using a lookup technique, matchingtechnique, semantic technique, or other selection or identificationtechnique. The data processing system can access one or more authorizedor approved data sources associated with or linked to the clientcomputing device.

The data processing system can provide the candidate data value to theclient computing device. The data processing system can transmit thedata value to cause the viewer component executing on the clientcomputing device to perform one or more actions. Prior to providing thedata value as input to the electronic document, the viewer component cangenerate a prompt with the data value. The viewer component can receive,responsive to the prompt, input from the client computing device. If theinput includes a selection of the data value and authorization to inputthe data value, the viewer component can provide, via the securecommunication channel and responsive to the input, the data value to theruntime component. The runtime component can then input the data valueinto the electronic document to execute an action with the data valuevia the electronic document. Thus, the selected data value, as opposedto any unselected data values, can be provided securely to theelectronic document upon authorization.

FIG. 4 is a block diagram of an example computer system 400. Thecomputer system or computing device 400 can include or be used toimplement the system 100, or its components such as the data processingsystem 102. The data processing system 102 can include an intelligentpersonal assistant or voice-based digital assistant. The computingsystem 400 includes a bus 405 or other communication component forcommunicating information and a processor 410 or processing circuitcoupled to the bus 405 for processing information. The computing system400 can also include one or more processors 410 or processing circuitscoupled to the bus for processing information. The computing system 400also includes main memory 415, such as a random access memory (RAM) orother dynamic storage device, coupled to the bus 405 for storinginformation, and instructions to be executed by the processor 410. Themain memory 415 can be or include the data repository 145. The mainmemory 415 can also be used for storing position information, temporaryvariables, or other intermediate information during execution ofinstructions by the processor 410. The computing system 400 may furtherinclude a read only memory (ROM) 420 or other static storage devicecoupled to the bus 405 for storing static information and instructionsfor the processor 410. A storage device 425, such as a solid statedevice, magnetic disk or optical disk, can be coupled to the bus 405 topersistently store information and instructions. The storage device 425can include or be part of the data repository 145.

The computing system 400 may be coupled via the bus 405 to a display435, such as a liquid crystal display, or active matrix display, fordisplaying information to a user. An input device 430, such as akeyboard including alphanumeric and other keys, may be coupled to thebus 405 for communicating information and command selections to theprocessor 410. The input device 430 can include a touch screen display435. The input device 430 can also include a cursor control, such as amouse, a trackball, or cursor direction keys, for communicatingdirection information and command selections to the processor 410 andfor controlling cursor movement on the display 435. The display 435 canbe part of the data processing system 102, the client computing device126 or other component of FIG. 1, for example.

The processes, systems and methods described herein can be implementedby the computing system 400 in response to the processor 410 executingan arrangement of instructions contained in main memory 415. Suchinstructions can be read into main memory 415 from anothercomputer-readable medium, such as the storage device 425. Execution ofthe arrangement of instructions contained in main memory 415 causes thecomputing system 400 to perform the illustrative processes describedherein. One or more processors in a multi-processing arrangement mayalso be employed to execute the instructions contained in main memory415. Hard-wired circuitry can be used in place of or in combination withsoftware instructions together with the systems and methods describedherein. Systems and methods described herein are not limited to anyspecific combination of hardware circuitry and software.

Although an example computing system has been described in FIG. 4, thesubject matter including the operations described in this specificationcan be implemented in other types of digital electronic circuitry, or incomputer software, firmware, or hardware, including the structuresdisclosed in this specification and their structural equivalents, or incombinations of one or more of them.

For situations in which the systems discussed herein collect personalinformation about users, or may make use of personal information, theusers may be provided with an opportunity to control whether programs orfeatures that may collect personal information (e.g., information abouta user's social network, social actions or activities, a user'spreferences, or a user's location), or to control whether or how toreceive content from a content server or other data processing systemthat may be more relevant to the user. In addition, certain data may beanonymized in one or more ways before it is stored or used, so thatpersonally identifiable information is removed when generatingparameters. For example, a user's identity may be anonymized so that nopersonally identifiable information can be determined for the user, or auser's geographic location may be generalized where location informationis obtained (such as to a city, postal code, or state level), so that aparticular location of a user cannot be determined. Thus, the user mayhave control over how information is collected about him or her and usedby the content server.

The subject matter and the operations described in this specificationcan be implemented in digital electronic circuitry, or in computersoftware, firmware, or hardware, including the structures disclosed inthis specification and their structural equivalents, or in combinationsof one or more of them. The subject matter described in thisspecification can be implemented as one or more computer programs, e.g.,one or more circuits of computer program instructions, encoded on one ormore computer storage media for execution by, or to control theoperation of, data processing apparatuses. Alternatively or in addition,the program instructions can be encoded on an artificially generatedpropagated signal, e.g., a machine-generated electrical, optical, orelectromagnetic signal that is generated to encode information fortransmission to suitable receiver apparatus for execution by a dataprocessing apparatus. A computer storage medium can be, or be includedin, a computer-readable storage device, a computer-readable storagesubstrate, a random or serial access memory array or device, or acombination of one or more of them. While a computer storage medium isnot a propagated signal, a computer storage medium can be a source ordestination of computer program instructions encoded in an artificiallygenerated propagated signal. The computer storage medium can also be, orbe included in, one or more separate components or media (e.g., multipleCDs, disks, or other storage devices). The operations described in thisspecification can be implemented as operations performed by a dataprocessing apparatus on data stored on one or more computer-readablestorage devices or received from other sources.

The terms “data processing system” “computing device” “component” or“data processing apparatus” encompass various apparatuses, devices, andmachines for processing data, including by way of example a programmableprocessor, a computer, a system on a chip, or multiple ones, orcombinations of the foregoing. The apparatus can include special purposelogic circuitry, e.g., an FPGA (field programmable gate array) or anASIC (application specific integrated circuit). The apparatus can alsoinclude, in addition to hardware, code that creates an executionenvironment for the computer program in question, e.g., code thatconstitutes processor firmware, a protocol stack, a database managementsystem, an operating system, a cross-platform runtime environment, avirtual machine, or a combination of one or more of them. The apparatusand execution environment can realize various different computing modelinfrastructures, such as web services, distributed computing and gridcomputing infrastructures. For example, the direct action API 108 or NLPcomponent 106 and other data processing system 102 components caninclude or share one or more data processing apparatuses, systems,computing devices, or processors.

A computer program (also known as a program, software, softwareapplication, app, script, or code) can be written in any form ofprogramming language, including compiled or interpreted languages,declarative or procedural languages, and can be deployed in any form,including as a stand-alone program or as a module, component,subroutine, object, or other unit suitable for use in a computingenvironment. A computer program can correspond to a file in a filesystem. A computer program can be stored in a portion of a file thatholds other programs or data (e.g., one or more scripts stored in amarkup language document), in a single file dedicated to the program inquestion, or in multiple coordinated files (e.g., files that store oneor more modules, sub programs, or portions of code). A computer programcan be deployed to be executed on one computer or on multiple computersthat are located at one site or distributed across multiple sites andinterconnected by a communication network.

The processes and logic flows described in this specification can beperformed by one or more programmable processors executing one or morecomputer programs (e.g., components of the data processing system 102)to perform actions by operating on input data and generating output. Theprocesses and logic flows can also be performed by, and apparatuses canalso be implemented as, special purpose logic circuitry, e.g., an FPGA(field programmable gate array) or an ASIC (application specificintegrated circuit). Devices suitable for storing computer programinstructions and data include all forms of non-volatile memory, mediaand memory devices, including by way of example semiconductor memorydevices, e.g., EPROM, EEPROM, and flash memory devices; magnetic disks,e.g., internal hard disks or removable disks; magneto optical disks; andCD ROM and DVD-ROM disks. The processor and the memory can besupplemented by, or incorporated in, special purpose logic circuitry.

The subject matter described herein can be implemented in a computingsystem that includes a back end component, e.g., as a data server, orthat includes a middleware component, e.g., an application server, orthat includes a front end component, e.g., a client computer having agraphical user interface or a web browser through which a user caninteract with an implementation of the subject matter described in thisspecification, or a combination of one or more such back end,middleware, or front end components. The components of the system can beinterconnected by any form or medium of digital data communication,e.g., a communication network. Examples of communication networksinclude a local area network (“LAN”) and a wide area network (“WAN”), aninter-network (e.g., the Internet), and peer-to-peer networks (e.g., adhoc peer-to-peer networks).

The computing system such as system 100 or system 400 can includeclients and servers. A client and server are generally remote from eachother and typically interact through a communication network (e.g., thenetwork 101). The relationship of client and server arises by virtue ofcomputer programs running on the respective computers and having aclient-server relationship to each other. In some implementations, aserver transmits data (e.g., data packets representing a digitalcomponent) to a client device (e.g., for purposes of displaying data toand receiving user input from a user interacting with the clientdevice). Data generated at the client device (e.g., a result of the userinteraction) can be received from the client device at the server (e.g.,received by the data processing system 102 from the client computingdevice 126 or the 3P developer device 150).

While operations are depicted in the drawings in a particular order,such operations are not required to be performed in the particular ordershown or in sequential order, and all illustrated operations are notrequired to be performed. Actions described herein can be performed in adifferent order.

The separation of various system components does not require separationin all implementations, and the described program components can beincluded in a single hardware or software product. For example, the NLPcomponent 106 or the direct action API 108, can be a single component,app, or program, or a logic device having one or more processingcircuits, or part of one or more servers of the data processing system102.

Having now described some illustrative implementations, it is apparentthat the foregoing is illustrative and not limiting, having beenpresented by way of example. In particular, although many of theexamples presented herein involve specific combinations of method actsor system elements, those acts and those elements may be combined inother ways to accomplish the same objectives. Acts, elements andfeatures discussed in connection with one implementation are notintended to be excluded from a similar role in other implementations orimplementations.

The phraseology and terminology used herein is for the purpose ofdescription and should not be regarded as limiting. The use of“including” “comprising” “having” “containing” “involving”“characterized by” “characterized in that” and variations thereofherein, is meant to encompass the items listed thereafter, equivalentsthereof, and additional items, as well as alternate implementationsconsisting of the items listed thereafter exclusively. In oneimplementation, the systems and methods described herein consist of one,each combination of more than one, or all of the described elements,acts, or components.

Any references to implementations or elements or acts of the systems andmethods herein referred to in the singular may also embraceimplementations including a plurality of these elements, and anyreferences in plural to any implementation or element or act herein mayalso embrace implementations including only a single element. Referencesin the singular or plural form are not intended to limit the presentlydisclosed systems or methods, their components, acts, or elements tosingle or plural configurations. References to any act or element beingbased on any information, act or element may include implementationswhere the act or element is based at least in part on any information,act, or element.

Any implementation disclosed herein may be combined with any otherimplementation or embodiment, and references to “an implementation,”“some implementations,” “one implementation” or the like are notnecessarily mutually exclusive and are intended to indicate that aparticular feature, structure, or characteristic described in connectionwith the implementation may be included in at least one implementationor embodiment. Such terms as used herein are not necessarily allreferring to the same implementation. Any implementation may be combinedwith any other implementation, inclusively or exclusively, in any mannerconsistent with the aspects and implementations disclosed herein.

References to “or” may be construed as inclusive so that any termsdescribed using “or” may indicate any of a single, more than one, andall of the described terms. A reference to “at least one of ‘A’ and ‘B’”can include only ‘A’, only ‘B’, as well as both ‘A’ and ‘B’. Suchreferences used in conjunction with “comprising” or other openterminology can include additional items.

Where technical features in the drawings, detailed description or anyclaim are followed by reference signs, the reference signs have beenincluded to increase the intelligibility of the drawings, detaileddescription, and claims. Accordingly, neither the reference signs northeir absence have any limiting effect on the scope of any claimelements.

The systems and methods described herein may be embodied in otherspecific forms without departing from the characteristics thereof. Theforegoing implementations are illustrative rather than limiting of thedescribed systems and methods. Scope of the systems and methodsdescribed herein is thus indicated by the appended claims, rather thanthe foregoing description, and changes that come within the meaning andrange of equivalency of the claims are embraced therein.

1. A system for secure communication in mobile digital pages,comprising: a data processing system comprising at least one processorand memory; a validation component executed by the data processingsystem to: receive, from a third party developer device, an electronicdocument configured to interface with a runtime application programminginterface; validate the electronic document based on a validationpolicy; store, responsive to validation of the electronic document, theelectronic document on a cache server of the data processing system; thecache server to receive, from a viewer component executed by a clientcomputing device, a request to access the electronic document, andprovide, responsive to the request, the electronic document to cause theviewer component to: load, in an iframe, the electronic document fordisplay via the client computing device; execute, in the electronicdocument, a runtime component to identify a tag coded with a markuplanguage in the electronic document; and receive, from the runtimecomponent via a secure communication channel, an indication of the tag;the data processing system to: receive, from the viewer component, theindication of the tag; select, based on the indication of the tag, adata value; transmit, to the viewer component executed by the clientcomputing device, the data value to cause the viewer component to:generate a prompt comprising the data value; receive, responsive to theprompt, input from the client computing device; and provide, via thesecure communication channel and responsive to the input, the data valueto the runtime component to cause the runtime component to execute anaction with the data value via the electronic document.
 2. The system ofclaim 1, comprising the data processing system to: parse the electronicdocument responsive to receipt of the electronic document from the thirdparty developer device; determine, based on parsing the electronicdocument, that JavaScript is absent from the electronic document; andvalidate, responsive to the determination that JavaScript is absent fromthe electronic document, the electronic document for storage in thecache server of the data processing system.
 3. The system of claim 1,comprising the data processing system to: receive a second electronicdocument; detect a presence of JavaScript in the second electronicdocument responsive to receipt of the second electronic document;determine, responsive to detection of the presence of the JavaScript inthe second electronic document, not to validate the second electronicdocument and remove the second electronic document from storage in thecache server.
 4. The system of claim 1, comprising the data processingsystem to: identify the markup language in the electronic documentresponsive to receipt of the electronic document from the third partydeveloper device; determine, based on a format of the markup language,that the electronic document is valid for secure communication in mobiledigital pages; and store, in the cache server, the electronic documentresponsive to validation of the electronic document for securecommunication in mobile digital pages.
 5. The system of claim 1, whereinthe cache server comprises a proxy server for a server of the thirdparty developer device that provided the electronic document.
 6. Thesystem of claim 1, comprising the cache server to: intercept a requestto access the electronic document; perform a lookup in storage of thecache server to determine that the electronic document has beenvalidated and stored in the cache server; retrieve, from storage in thecache server, the electronic document instead of accessing a server ofthe third party developer device that provided the electronic document;and transmit, from storage of the cache server, the electronic documentto the viewer component executed by the client computing device.
 7. Thesystem of claim 1, comprising the data processing system to: receive,from the viewer component interfacing with the runtime component via thesecure communication channel, the indication of the tag; retrieve,responsive to the tag, the data value from an account associated withthe client computing device stored on the data processing system; andprovide, to the viewer component, the data value to cause the viewercomponent to generate the prompt including the data value.
 8. The systemof claim 1, comprising the data processing system to: identify the datavalue responsive to receipt of the indication of the tag from the viewercomponent, the data value associated with the client computing deviceand stored on the data processing system; and provide the data value tothe viewer component to cause the viewer component to display, in anoverlay, the prompt generated to include the data value.
 9. The systemof claim 1, comprising the data processing system to: identify aplurality of candidate data values responsive to receipt of theindication of the tag from the viewer component; and provide theplurality of candidate data values for display in the prompt, whereinthe prompt restricts access by the electronic document to at least oneof the plurality of candidate data values.
 10. The system of claim 1,wherein the viewer component blocks access to the data value by theelectronic document prior to the input from the client computing device.11. The system of claim 1, comprising the data processing system to:search one or more electronic data sources associated with the clientcomputing device to identify the data value responsive to the indicationof the tag.
 12. The system of claim 1, wherein the input comprises aninstruction from the client computing device to grant the electronicdocument access to the data value provided by the data processing systemresponsive to the indication of the tag.
 13. The system of claim 1,wherein the action comprises an electronic transaction using the datavalue.
 14. A method of secure communication in mobile digital pages,comprising: receiving, by a data processing system comprising at leastone processor, from a third party developer device, an electronicdocument configured to interface with a runtime application programminginterface; validating, by the data processing system, the electronicdocument based on a validation policy; storing, by the data processingsystem, responsive to validation of the electronic document, theelectronic document on a cache server of the data processing system;receiving, by the cache server from a viewer component executed by aclient computing device, a request to access the electronic document,and provide, responsive to the request, the electronic document to causethe viewer component to: load, in an iframe, the electronic document fordisplay via the client computing device; execute, in the electronicdocument, a runtime component to identify a tag coded with a markuplanguage in the electronic document; and receive, from the runtimecomponent via a secure communication channel, an indication of the tag;receiving, by the data processing system from the viewer component, theindication of the tag; selecting, by the data processing system based onthe indication of the tag, a data value; transmitting, by the dataprocessing system to the viewer component executed by the clientcomputing device, the data value to cause the viewer component to:generate a prompt comprising the data value; receive, responsive to theprompt, input from the client computing device; and provide, via thesecure communication channel and responsive to the input, the data valueto the runtime component to cause the runtime component to execute anaction with the data value via the electronic document.
 15. The methodof claim 14, comprising: parsing, by the data processing system, theelectronic document responsive to receipt of the electronic documentfrom the third party developer device; determining, by the dataprocessing system, based on parsing the electronic document, thatJavaScript is absent from the electronic document; and validating, bythe data processing system, responsive to the determination thatJavaScript is absent from the electronic document, the electronicdocument for storage in the cache server of the data processing system.16. The method of claim 14, comprising: receiving a second electronicdocument; detecting a presence of JavaScript in the second electronicdocument responsive to receipt of the second electronic document;determining, responsive to detection of the presence of the JavaScriptin the second electronic document, not to validate the second electronicdocument and remove the second electronic document from storage in thecache server.
 17. The method of claim 14, comprising: identifying themarkup language in the electronic document responsive to receipt of theelectronic document from the third party developer device; determining,based on a format of the markup language, that the electronic documentis valid for secure communication in mobile digital pages; and storing,in the cache server, the electronic document responsive to validation ofthe electronic document for secure communication in mobile digitalpages.
 18. The method of claim 14, wherein the cache server is a proxyserver for a server of the third party developer device that providedthe electronic document.
 19. The method of claim 14, comprising:intercepting, by the data processing system, a request to access theelectronic document; performing a lookup in storage of the cache serverto determine that the electronic document has been validated and storedin the cache server; retrieving, from storage in the cache server, theelectronic document instead of accessing a server of the third partydeveloper device that provided the electronic document; andtransmitting, from storage of the cache server, the electronic documentto the viewer component executed by the client computing device.
 20. Themethod of claim 14, comprising: receiving, from the viewer componentinterfacing with the runtime component via the secure communicationchannel, the indication of the tag; retrieving, responsive to the tag,the data value from an account associated with the client computingdevice stored on the data processing system; and providing, to theviewer component, the data value to cause the viewer component togenerate the prompt including the data value.